Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Problem with VPN Client passthrough on ASA 5505

I am having a problem with passing through a VPN client connection on an ASA 5505. The ASA is running version 8 and terminates an anyconnect VPN. The ASA is using PAT. When the inside user connects with the VPN client, it connects but no traffic passes through the tunnel. I see the error

305006 regular translation creation failed for protocol 50 src INSIDE:y.y.y.y dst OUTSIDE:x.x.x.x

UDP 500,4500 and ESP are allowed into the ASA. Ipsec inspection has also been setup on a global policy, but the user still cannot pass traffice to the remote VPN he is connected through.

At the Main Office we have an ASA 5510 that terminates a site to site VPN, allows remote connections with PAT and allows passthrough no problems. Any ideas?

4 REPLIES
New Member

Re: Problem with VPN Client passthrough on ASA 5505

I am having a simuliar issue with my ASA 5505 that I have set up. I am trying to VPN into the Office. I have no problem accessing the Office network when I am on the internet without the ASA 5505. After I installed the 5505, and there is internet access, I try to connect to the Office network without success. The VPN connects with the following error.

3 Dec 31 2007 05:30:00 305006 xxx.xx.114.97

regular translation creation failed for protocol 50 src inside:192.168.1.9 dst outside:xxx.xx.114.97

HELP?

Silver

Re: Problem with VPN Client passthrough on ASA 5505

hi,

Is the VPN server configured to use ipsec-over-tcp or NAT-T ?

John

New Member

Re: Problem with VPN Client passthrough on ASA 5505

I just says IPSec

Also I am using (and can not change) version 4.6.02.0011 client SW to do the VPN to Office

New Member

Re: Problem with VPN Client passthrough on ASA 5505

Interestingly enough, all I had to do is change it to IPSec over UDP (NAT/PAT) and it worked fine. I did not want to risk changes to the Office supplied VPN config, but what the heck, it worked. Thanks for the nudge!

423
Views
0
Helpful
4
Replies