Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5510 nat-traversal problem

Our ASA 5510 has sw ver 8.0(2) and DM ver 6.0(2). Through ASDM on the menu Configuration>Site-to-site VPN>Advanced>IKE parameters under NAT transparency we checked "Enable IPSec over NAT-T" and wrote config to startup and also we did it manually. After power failure and start ASA 5510 lost this part from config file. So we have to put command "crypto isakmp nat-traversal" manually. Because through ASDM it hasn't effect. It's happened two times.

Any idea?

2 REPLIES
New Member

Re: ASA 5510 nat-traversal problem

Hello,

There are two bugs that could be related to it. If you have access to the bug toolkit, check CSCsj52581 and CSCsq65580.

I think it is the first bug, so an upgrade to ASA 8.0.4 (which I would recommend anyhow if you use the ASDM) would sovlve the problem.

Kind regards

P-J Nefkens

Green

Re: ASA 5510 nat-traversal problem

Or change the timeout to a non-default value.

crypto isakmp nat-traversal 21 (not default 20)

1727
Views
0
Helpful
2
Replies