cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
270
Views
0
Helpful
1
Replies

PAT with VPN doesnt work

o.ilesanmi
Level 1
Level 1

Hi guys,

with reference to the above, i dont know why only one ip in the 10.10.10.x range passes traffic via the tunnel while the rest does not. I have the following nat policy configured

nat (inside) 1 access-list xxx

global (outside) 1 200.200.200.1-200.200.200.30 netmask 255.255.255.0

access-list xxx permit ip 10.10.10.x 255.255.255.0 50.50.x.x 255.255.0.0

access-list crypto permit ip 200.200.200.0 255.255.255.0 host 50.50.50.5

isakmp nat-traversal 20

sysopt connection permit-vpn

1 Reply 1

owillins
Level 6
Level 6

better disable the monitoring for the interface whose static translation is created.you need to open esp protocol for source and destination and also open udp port 500 ( isakmp) for vpn traffic to work .

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: