No data traffic on IPsec session between NATted SonicWall and Cisco VPN3030
At the moment I'm implementing a VPN/IPsec network with SonicWall and Cisco equipment. I'm using a Cisco VPN 3030 concentrator and a SonicWall SOHO3. The SonicWall is connected to the Internet through a static NAT 1 to 1 mapping. So it is configured with an RFC 1918 IP address (10.0.0.2) but it has a public IP address on the Internet.
I've configured the VPN concentrator according to a PDF document on the SonicWall support website. The IKE session and the IPsec sessions do come online when I try to ping but no traffic is possible. I've upgraded the SonicWall and the concentrator to the latest firmware in order to get NAT traversal supported but no way...
The strange point is that I have a working VPN tunnel between a SonicWall (200, I don't know for sure) and the Cisco VPN concentrator. The only difference is that the SonicWall is not behind a NAT mapping but it is directly connected to the network.
Even more strange: I've got data traffic across the VPN to the NATted SonicWall SOHO3 if I play around with the Ethernet fragmentation settings on the Cisco VPN Concentrator but this kills the other VPN tunnel to the SonicWall 200.
So I would like to know if one of you has had these problems before or knows some links to documentation about the Ethernet fragmentation between SonicWalls and Cisco concentrators.