Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
506
Views
5
Helpful
7
Replies

VPN Prob..

s_mcanuff
Level 1
Level 1

‎02-12-2008 06:23 PM - edited ‎02-21-2020 03:33 PM

I have a Cisco PIX 515E firewall which I have config.. VPN on it, the VPN has been working with no prob.. for the past 3 years now, now I am getting a prob.. when I connect to the VPN it connect but I can't ping any server any more, when I look in the stat.. I see that I am only sending packets but not receiving any packets which is 0.

Can anyone tell me why this is so?

Labels:
0 Helpful
7 Replies 7

JORGE RODRIGUEZ
Level 10
Level 10

‎02-12-2008 09:47 PM

Could you post configuration or verify whether crypto iskamp nat-traversal exists in your configuration, if not add statement and try if does not resolve please post config.

Rgds

Jorge

Jorge Rodriguez

s_mcanuff
Level 1
Level 1
In response to JORGE RODRIGUEZ

‎02-14-2008 08:13 AM

how can I verify that this is running?

0 Helpful

JORGE RODRIGUEZ
Level 10
Level 10
In response to s_mcanuff

‎02-14-2008 09:05 PM

in cli issue :

show run | inc isakmp

you should see a line statement as isakmp nat-traversal 20

if you do not have it in config try adding it as bellow and see if resolves problem.

PIX(config)#crypto isakmp nat-traversal

Rgds

Jorge

Jorge Rodriguez
0 Helpful

s_mcanuff
Level 1
Level 1
In response to JORGE RODRIGUEZ

‎02-15-2008 05:37 AM

Jorge; Thanks for your help, however can u just explain that command? if that is not too much for u

0 Helpful

JORGE RODRIGUEZ
Level 10
Level 10
In response to s_mcanuff

‎02-15-2008 08:26 AM

Shane, this command may or may not resolve your issue, however, this statement is among troubleshooting steps process when it comes to Ipsec RA tunnels. What this command does when enable it allows VPN traffic to pass through nat/pat devices that may be encounter in between the source vpn client and your VPN server end point PIX/ASA. In many cases when this is disabled vpn client may successfully authenticate and connect but access to the internal network behind firewall is not possible.

In other words NAT traversal makes both ends automatically determined if there are any NAT/PAT devices in between the path.. since you asked what this does here is a good article on it http://technet.microsoft.com/en-us/library/bb878090.aspx

lets help resolve your problem

Rgds

Jorge

Jorge Rodriguez
0 Helpful

s_mcanuff
Level 1
Level 1
In response to JORGE RODRIGUEZ

‎02-15-2008 06:07 PM

Jorge, Thx alot for your help, it is working now when I test it I can access the LAN now

0 Helpful

JORGE RODRIGUEZ
Level 10
Level 10
In response to s_mcanuff

‎02-15-2008 08:09 PM

Shane, thank you for posting the update and glad it is working .. please rate post if it did help.

Best Rgds

Jorge

Jorge Rodriguez
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents