VPN client connecting but cant see any traffic

Unanswered Question
Nov 18th, 2006
User Badges:

dear all i have an ASA 5510

i have created vpn using ASDM and user from remote place is able to connect and he is getting one ip from the specified range pool. but there is no traffic flow please check the attached configuration and help.

i will rate all the posts.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ggilbert Mon, 11/27/2006 - 10:22
User Badges:
  • Cisco Employee,

I cant seem to download your config.

Can you please send me the output of the following from the ASA.

sh ip

sh run nat

sh run all tunnel-group

sh run all group-policy

ggilbert Tue, 11/28/2006 - 09:26
User Badges:
  • Cisco Employee,

Hi - I did download the config of your ASA and looked through to find if there is any misconfigurations.

1. It is advisble to use a different network range for IP pool rather than using the same internal network range.

Your internal network was 192.168.1.x/24

Your IP pool was

Use a different pool of networks -

2. Make sure you create the NO nat ACL.

access-l Inside_nat0_outbound per ip

Let me know if this helps

- Rate it, if it helps -

danhosking Fri, 12/01/2006 - 02:19
User Badges:

I have a very simalar problem. I am seeing decrypted/encrypted packet on the ASA but zero decrypted packets on the client.

ggilbert Fri, 12/01/2006 - 09:35
User Badges:
  • Cisco Employee,

Make sure, there isnt any firewall that would block ESP traffic on the client side.



danhosking Tue, 12/05/2006 - 22:09
User Badges:

The issue I had was that the ASA did not have IPSEC over Nat enabled. Check the global IKE parameters to enable this.


This Discussion