I have a number of ASA 5505 boxes which I need to reconfigure to work with a Watchguard XTM 850 over IPsec. The 5505s were previously configured to connect back to a 5510 Firewall using EasyVPN. With EasyVPN still enabled, the remote boxes attempt to make a connection back, but there are a few settings such as Identity and Encryption types I need to modify to connect to the Watchguard firewalls. It appears that these settings cannot be changed with EasyVPN enabled. If I disable it, and change the identity and authentication settings, the boxes do not attempt to make a connection back. I'm not sure if what I am trying to do is even possible at this point, and I am in dire need of some direction.
It is not clear from this description what is the problem and it sounds like either some part of your config changes is not correct or that there is some mismatch between your config and the config of the remote device. A starting place would be to post your config (masking off sensitive information such as public addresses and passwords.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...