I have the foloowing setup. I am using the Cisco VPN client 3.5, connecting to a network using PAT on a 1605 which grabs a dynamic address (ADSL). The distant end is a 2611 running 12.2.8T IOS.
I am able to connect, ping, see network, etc with a real ip but not behind the PAT. Behind the PAT, I can connect to the 2611 and login, but no data seems to be passed. I am using IPSEC over UDP. When I try to use IPSEC over TCP port 10000, I don't even get a connection!
I have a static map in the 1605 (mapping UDP port 500 on the ethernet to an inside address) but it appears to only work for the login and nothing else.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...