I am trying to use the new IPSec Transparency VPN. I have a Cisco 3620 router using this bin file c3620-ik9o3s3-mz.122-13.T1.bin. What happens is anytime I apply an access list to the serial interface even if it says permit ip any any, the vpn will connect and authenticate but it can not ping anything on the LAN for example 10.1.0.1. If I removed the access-list from the serial interface everything works. Does anyone know if this is a bug or if I am doing something wrong?
I have included my config file with all of the public addresses taken out.
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
no service password-encryption
clock timezone PST -8
clock summer-time zone recurring
aaa authentication login userauthen group radius
aaa authentication login vtymethod group radius enable
aaa authorization network groupauthor local
aaa session-id common
no ip source-route
ip inspect name inspect1 rtsp timeout 3600
ip inspect name inspect1 cuseeme timeout 3600
ip inspect name inspect1 http java-list 15 timeout 3600
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...