We have an ASA running 7.2(2) that one VPN tunnel to a Cisco device on the remote end connects but will not pass traffic. I'm unsure of the specific device as we don't maintain it, but we do use the Cisco VPN client. The interesting thing is that we connect to multiple other Cisco VPN servers (concentrator, PIXes and ASAs) without any problems. This is a recent ASA installation, and the old firewall (a Netgear) allowed us to connect with no problems. We can put the old Netgear back in place and the VPN connects fine. We can also VPN into this network from other locations, so we know it is working. I'm at a loss as to what to try next. Any ideas? I've tried a static one-to-one NAT translation, and "permit isa nat-t" is in place (but it won't function with the passthrough as I understand it) but the VPN still won't pass traffic. Any ideas?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...