An 827 w/ipsec/fw at each end with a pc at both locations doing ViaVideo across the Internet to each other. Both routers are doing a static nat to a public address. The only access list on the routers is for nat whith these 2 being denied right now. Either end tries to connect but the call is dropped right away. The configs are mirror images of each other. The connect to the vendor of the equipment but not to each other. Any ideas??
You can start by looking at the logging messages and see what is happening. If the tunnel is being built, you shouldnt see any firewall denies occurring. Can you do other TCP between these two machines? Are you sure ViaVideo can handle the NAT? There are too many variables to really figure this out here. I would talk to the vendors if I were you.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...