We have a VPN 3000 concentrator, and there is a group of users at a remote office behind a firewall (Sonicwall). Their computers have 192.168 addresses and are PATed to the firewall's outside address. When they connect to the concentrator (we're trying to use IPSec over TCP), after a certain amount of traffic passes through the VPN tunnel, their connection is dropped with an error 412.
I have talked to both Cisco and Sonicwall, and haven't had any luck in getting this resolved. Cisco suggested we enable NAT-T, but the clients don't even get a login when we have that enabled.
Has anyone seen this type of behavior, and if so, how did you resolve it? Thanks.
Ben, did you get any answers on this problem? We are having the same issues, plus when we try to connect to the VPN we also get a security gateway timeout on our public int. Any help would be great. Or if we do get connected, we disconnect after 10-15 mins, then we have to wait 10-15 mins before we can reconnect.