06-15-2007 08:35 AM
I have a asa5505 if an outside computer has a wan ip address it will see the computers on the network. If the computer is behind a router (any router) it will connect fine but will not see any computers on the network. All computer on the in the vpn are a 10.1.1.0 network and the connecting computers are on a 192.168.1.0 network. All subnet mask are 255.255.255.0. Thanks in advance.
Solved! Go to Solution.
06-20-2007 08:39 AM
Add the following command to your ASA.
crypto isakmp nat-traversal
In ASDM, it would be located as a checkbox "Enable NAT-T" located under config -> vpn -> ipsec -> ipsec rules -> select the dynamic entry -> Tunnel Policy advanced tab -> enable nat-t
This will allow users behind pat devices to use nat-t and should solve your problem.
Please rate if it helps.
06-18-2007 05:26 AM
Sounds like a nat-traversal problem. What version is your 5505?
06-20-2007 08:27 AM
7.2 (2) is the asa ver and 5.2 (2) is the asdm
06-20-2007 08:39 AM
Add the following command to your ASA.
crypto isakmp nat-traversal
In ASDM, it would be located as a checkbox "Enable NAT-T" located under config -> vpn -> ipsec -> ipsec rules -> select the dynamic entry -> Tunnel Policy advanced tab -> enable nat-t
This will allow users behind pat devices to use nat-t and should solve your problem.
Please rate if it helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide