01-07-2009 02:05 PM - edited 02-21-2020 04:07 PM
Hello,
I am having trouble getting my VPN working, I think the trouble is in my nat statement.
I am only working with 3 devices, a laptop connected to WAN port, the router, a desktop connected to the lan side.
Laptop ip is 69.50.57.154 255.255.255.248, the cisco client connects and I receive a valid ip 192.168.15.101 the client is showing the secured route as 192.168.0.0
Desktop is configured as 192.168.0.10 255.255.252.0
I have attached the config.
01-15-2009 02:50 PM
NAT-Traversal or NAT-T allows VPN traffic to pass through NAT or PAT devices, such as a Linksys SOHO router. If NAT-T is not enabled, VPN Client users often appear to connect to the PIX or ASA without a problem, but they are unable to access the internal network behind the security appliance.
If you do not enable the NAT-T in the NAT/PAT Device, you can receive the regular translation creation failed for protocol 50 src inside:10.0.1.26 dst outside:10.9.69.4 error message in the PIX/ASA.
Similarly, if you are unable to do simultaneous login from the same IP address, the Secure VPN connection terminated locally by client. Reason 412: The remote peer is no longer responding. error message appears. Enable NAT-T in the head end VPN device in order to resolve this error.
Note: With Cisco IOS Software Release 12.2(13)T and later, NAT-T is enabled by default in Cisco IOS.
01-18-2009 09:05 PM
I have the same problem. After the Cisco VPN client connects, the Remote office was not able to access the internal network (intranet web server and SQL database) even though the Split-tunnel is enabled. How do you enable NAT-T on the ASA 5550? Thanks.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: