Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN client not passing traffic

Ive set up a RA connection from a laptop running the Cisco VPN client to an ASA 5510, using IPsec over UDP (port 7715). The tunnel sets up, but no traffic will pass over it. Checking the stats at both ends, I see traffic encrypted by the client, but there is no increase in the decrypt counters on the ASA. I'm also seeing the following error messages in the logs :-

7|Jan 22 2007|09:35:52|710005|217.x.x.x|164.x.x.x|UDP request discarded from 217.x.x.x/7715 to External_Interface:164.x.x.x/7715

3|Jan 22 2007|09:35:52|713042|||IKE Initiator unable to find policy: Intf External_Interface, Src: 164.x.x.x, Dst: 217.x.x.x

7|Jan 22 2007|09:35:52|715077|||Pitcher: received a key acquire message, spi 0x0

Any ideas ? I do have an ACL on the external interface to allow UDP traffic on port 7715.

1 REPLY
Anonymous
N/A

Re: VPN client not passing traffic

The following has to be done to recover from the issue

1. Remove the following

crypto dynamic-map store match address outside_cryptomap_< number>

and had to add the following config

nat (outside) x.x.x.x 255.255.0.0

global (outside) interface

134
Views
0
Helpful
1
Replies
CreatePlease login to create content