06-15-2007 08:35 AM
I have a asa5505 if an outside computer has a wan ip address it will see the computers on the network. If the computer is behind a router (any router) it will connect fine but will not see any computers on the network. All computer on the in the vpn are a 10.1.1.0 network and the connecting computers are on a 192.168.1.0 network. All subnet mask are 255.255.255.0. Thanks in advance.
Solved! Go to Solution.
06-20-2007 08:39 AM
Add the following command to your ASA.
crypto isakmp nat-traversal
In ASDM, it would be located as a checkbox "Enable NAT-T" located under config -> vpn -> ipsec -> ipsec rules -> select the dynamic entry -> Tunnel Policy advanced tab -> enable nat-t
This will allow users behind pat devices to use nat-t and should solve your problem.
Please rate if it helps.
06-18-2007 05:26 AM
Sounds like a nat-traversal problem. What version is your 5505?
06-20-2007 08:27 AM
7.2 (2) is the asa ver and 5.2 (2) is the asdm
06-20-2007 08:39 AM
Add the following command to your ASA.
crypto isakmp nat-traversal
In ASDM, it would be located as a checkbox "Enable NAT-T" located under config -> vpn -> ipsec -> ipsec rules -> select the dynamic entry -> Tunnel Policy advanced tab -> enable nat-t
This will allow users behind pat devices to use nat-t and should solve your problem.
Please rate if it helps.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: