Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN client issue

Hello everyone,

please advise me with the following problem:

i configured an ASA for VPN client. The asa is behind a router that permits esp, udp 500 and udp 4500 for any.

The issue is: if i connect with the vpn client from my site (company) to the asa, i receive one of the atdresses configured (the vpn pool) and i can ping and telnet any host from the ASA's inside lan.

If i connect via a modem (3G) or from a virtual machine on my computer i can not ping or telnet to anything even if i receive the same ip from the pool. So the VPN client gets connected but i can not do anything in the ASA's inside network. More... if i look in the Statistics window in the vpn client it shows that it sends and encrypts packets, but does not receive and decrypts none. If i look in the ASA for sho cry ipsec sa for that peer it does not receive or send any packet.

Did you see this problem anywhere else? What could be wrong? In both situation the vpn client go to ASA with a public ip.



Re: VPN client issue

Enable "TCP Nat traversal" some providers do not like encrypted traffice to traverse their networks. once you enable it - normally port TCP 10000 - this can be defined, remember to allow that specific TCP port thru the router.