I have set up my Cisco IOS firewall for SSL and IPSec VPN client. SSL works fine; I can connect using AnyConnect and access the local LAN and router interfaces. However, I am having issues with IPSec VPN. With IPSec VPN I can connect via the client, but cannot ping any of the router interfaces or local LAN. From the router itself I am unable to ping the IP address assigned from the VPN pool.
A show static route on the router shows a route to the IP address of the VPN client via the address of my physical NIC on my PC.
I added the "ip nat inside" command to the Virtual Template on my router and it still won't route traffic over the IPSec tunnel. The VPN client software shows encrypted packets going over the tunnel, but 0 packets decrypted - it's not getting any packets from the router to decrypt. I can see the encrypted packets go over the tunnel on the router side but they are not being received at the client.