04-24-2008 04:50 AM - edited 02-21-2020 03:41 PM
Hi,
i have a problem with an ASA 5505.
I have configured NAT-T for the remote access via IPSec and the cisco vpn client.
My ASA loses this config option once a day.
I configure NAT-T with a lifetime of 30 seconds, apply and save to flash.
The next day, there is no NAT-T configured anymore.
I suspect this happens when the ASA is re-establishing the internet connection.
Does anybody have a hint how to make this config option stay permanent?
Thanks in advance and best regards.
04-24-2008 05:50 AM
There was a bug that would remove the nat-traversal command when the ASA was rebooted. The workaround was to assign a non-default lifetime value. For example...
crypto isakmp nat-traversal 21
If you've set it to 30, you've already done the workaround. Was version of ASA?
04-24-2008 06:02 AM
Its an ASA 5505 with version 8.0(2)
04-24-2008 06:26 AM
04-24-2008 06:39 AM
I also recogniced i have to choose a value different from he default, thats why i chose 30.
The ASA is not rebooting (at least the uptime says that).
I am also monitoring this device with Nagios from an external server in the internet, it does not seem the device is rebooting (or it would be rebooting very fast).
I suggest it happens when the internet connection is re-established but i am not sure about hat.
Funny thing is, i have other ASAs running with version 8.0(2) which does not have this problem.
We also already replaced it with a new one, reconfigured it, but the behaviour is always the same.
05-12-2008 12:39 AM
Can anybody tell me if this is a known bug or am i just not able to configure an ASA correctly?
05-13-2008 11:15 AM
have you tried upgrading to 8.0(3)
05-13-2008 10:23 PM
Seems to me 8.0(3) is only accessible to users with a support contract.
As i do not have one, is there any chance for me to get 8.0(3)?
11-06-2008 05:14 PM
I am having this issue on 8.0(3). The weird thing is, only my Vista users cannot connect via VPN if Nat-T is not configured.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: