Hi Guyz, we have setup a site to site VPN with Cisco 831 router at one end connecting to a Head-end router on the other end. The 831 is connected to a SMC7904WBRA ADSL modem. This is my own Modem and not supported by our ISP. We are using dynamic IP.
The problem is that I can browse the internet if i directly connect a pc to the ADSL router. But in the VPN setup, a debug IP shows IP reaching the headend and on its way back, gets dropped at our ISP side.
Discussions with our ISP says that they see a new session being created every few minutes by out ADSL router.
So can someone tell me what needs to be done. From what I know, this ADSL router model has NAT and SPI firewall enabled by deafult. Will disabling this solve the issue. I have NAT configured on the 831 router already.
Please advice. This technology is pretty new to me.
Just to let you know that I cant just go ahead and disable NAT on the router. Iv been instructed to put forth all possible solutions. I have suggested :
1) Considering a ADSL router supported by the ISP. or
2) Keeping the same ADSL router and opting for a static IP. ( Our ISP is pretty sure that opting for a static IP will definitely solve this problem)
I have ruled out any issue with our current configurations on the 831 Router as we have confugured it by strictly adhering to our Organizations best practices, and moreover such site to site VPN setups were already implemented with the same configuration at our company locations in other Countries.
The reason for using my own ADSL router is because our ISP's lead time for a new device is Three weeks which isnt feasible enough considering our tight roll out schedule.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...