We have a 3005 VPN Concentrator terminating all of our remote access VPNs. One of the internal domain controllers went down which serves as DHCP/DNS servers for remote access VPN users. I changed the settings in numerous locations within the Concentrator configuration which has the new servers but users are still unable to connect. It gets stuck on "Negotiating Security Policy". I have confirmed from the VPN log that users are being authenticated properly. The log shows:
Please make sure that when you goto Configuration | System | Address Management | Assignment, 'Use DHCP' is checked. When you goto Configuration | System | Servers | DHCP, you have the correct DHCP IP. Please also make sure that this server is pingable from the concentrator.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...