Using VPN Concentrator 3030 rel 3.6 with client 3.5. I have a new user that can establish a new IPSec/UDP connection and get an assigned ip address on the inside. Problem is she can go nowhere form there. She cannot ping any of our internal addresses - nor can we get a reply from her inside address. I've seen personal firewall software cause this in the past but this does not seem to be the case here. I dont see anything unusual in the logs. Any ideas?
Usually this happens when IPSec is being blocked in the middle, so in this case you might want to try both the IPSec/UDP and IPSec/TCP option. Also try assigning her another address and see what the counters are saying for encrypts and decrypts, try turing off all Split tunneling to make sure all traffic is coming through the VPN. The v3.5 clients should work no problem with the v3.6 Concentrator version. I think this is either a Routing or a Firewall issue.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...