Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

AT&T Global Network Client Connectivity Issues

I'm attempting to get the AT&T Global Network Client to work thru our ASA5510. With my current congiguration if I add the following statement:

STATIC (inside,outside) interface A.B.C.D. (addr of pc that's running the client) NETMASK TCP 0 0 UDP 0

The ATA&T VPN gets established and works fine BUT none of my outside VPN clients can connect. Any help would be appreciated.

AT&T send out a notice stating their servers are not configured to support NAT-T and will not in the future. They offered 2 possible generic solutions.

1. Create a NAT pool of IP address that can be assigned to each user.....or

2. Assign a static address to each end users PC.

If number 1 will work how do I do that?

Number 2 already applys to us since all our workstations have static address assign. How do I implement number 2?


Re: AT&T Global Network Client Connectivity Issues

Nat-t is definitely your issue. Without it or more public ip addresses, you will only be able to establish one ipsec tunnel outbound and during this period you will not be able to use the ASA to terminate vpn's.

1 or 2 will not work unless you have more ip addresses to use.

1. global (outside) 1 netmask

nat (inside) 1

2. You already showed an example of this above.

STATIC (inside,outside) interface A.B.C.D.

Another example would be...

STATIC (inside,outside) A.B.C.E netmask

I thought this sounded familiar...

So it was nat-t after all.