I have a query regarding Site to Site VPN setup between a Juniper SRX 3600 and Cisco asa.
We have a Cisco ASA and the client has a Juniper SRX 3600.
Scenario here is our end Cisco ASA outside interface is private ip (10.10.10.10) & Public ip(static one to one) mapping is being done at the perimeter router.
Client side they have direct public configured on the Juniper SRX 3600 with NAT-Trasversal disabled on the corresponding tunnel towards our side.
They have a strict policy to disable NAT-T which they wont enable it.So we have too disable NAT-T here on the tunnel.
The issue here is Phase-1 is coming up but phase 2 i dont see any IPSEC SA.
In this scenario where our ASA behind a NAT device (router) with NAT-T disabled will the site to site vpn works ? Will the tunnel comes up disabling NAT-T?
Any assistance will be helpfull.