Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Host Access over RA VPN doesnt work without inbound access

Hi,

I have configured a RA VPN in a pair of Cisco ASA 5520 with LDAp authentication and local ip address pool. The RA VPN is working fine when I connect it from a direct internet with a public ip assigned to the client desktop without any firewall or inbound traffic restriction. But from office behind a firewall I can connect to the VPN but can not connect to any hosts over the VPN tunnel. The office Internet Firewall is configured to PAT all outgoing traffic without any inbound access. Can someone suggest what to configure in the VPN to allow connections via the vpn to the hosts behind the vpn when the vpn is being established from a PAT Global IP.

3 REPLIES

Re: Host Access over RA VPN doesnt work without inbound access

Try enabling Transparent NAT on the remote firewall.

Community Member

Re: Host Access over RA VPN doesnt work without inbound access

when u say Remote Firewall does that mean the firewall which is terminating the RA VPN or else?

Also are you suggesting this command crypto isakmp nat-traversal but my ASA has a public IP configured in the Outside Interface connected to the internet. Pls help & suggest. Is there any parameters to be changed in the VPN config to accept connections from PAT ip without a need of an inbound access from the VPN peer towards the PAT/NAT IP?

Community Member

Re: Host Access over RA VPN doesnt work without inbound access

pls help someone to resolve this.

119
Views
0
Helpful
3
Replies
CreatePlease to create content