Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

issue with pix/asa running v8.03 and client vpn

i updated my pix recently to 803. everything seems good mostly. just today i started having issues with client vpn. when i try to vpn out (through the pix) i can establish a tunnel but i cannot pass packets. the client says i am encrypting but does not see any decrypts. if I take the same laptop and go to a wireless hotspot and establish the same vpn connection, it works just fine.

any idea's?

Cisco Employee

Re: issue with pix/asa running v8.03 and client vpn

Make sure that you have ipsec over UDP allowed in your profile on the vpn client and that udp 4500 is allowed through your firewall - it sounds like you may be getting through p1/p2 but your firewall may be blocking ESP packets.

New Member

Re: issue with pix/asa running v8.03 and client vpn


thanks for the help. I think I know what happened, but I do not know why it happened. After staring at the configs for a while, I noticed that the following line was present:

no crypto isakmp nat-traversal

once I put the nat-traversal back in, everything worked....but I don't understand how this happened on 3 different systems. the only common fact is I upgraded them all to 8.02 about 1 week before....

i don't understand.

any, thanks

СоздатьДля создания публикации, пожалуйста в систему