Cisco Support Community
Community Member

PAT with VPN doesn't work

Hi guys,

With reference to the above, I don't know why only one IP in the 10.10.10.x range passes traffic via the tunnel while the rest do not. I have the following NAT policy configured:

nat (inside) 1 access-list xxx

global (outside) 1 200.200.200.1-200.200.200.30 netmask 255.255.255.0

access-list xxx permit ip 10.10.10.x 255.255.255.0 50.50.x.x 255.255.0.0

access-list crypto permit ip 200.200.200.0 255.255.255.0 host 50.50.50.5

isakmp nat-traversal 20

sysopt connection permit-vpn

1 REPLY
Silver

Re: PAT with VPN doesn't work

Better disable the monitoring for the interface whose static translation is created. You need to open the ESP protocol for source and destination and also open UDP port 500 (ISAKMP) for VPN traffic to work.
