If i connect from my home network to the company network the monitoring shows a connection with "IKE IPsecOverNatT" and i`m able to connect to the servers and so on.
But if i connect from a notebook with a mobile internet connection the monitoring shows a connection with "IKE IPsec" and i`m not able to connect to any service inside the vpn. Is this a ASA problem or is this a mobile internet connection (provider) problem
Sounds like the provider problem if you can connect from your home network, that means it's not an ASA configuration issue as NAT-T has been enabled.
From your home network, it correctly encapsulates the ESP packet into NAT-T packet (normally UDP/4500).
From your mobile internet connection, it seems like they are not PATing the traffic hence the ASA does not detect a NAT device in between, hence using the ESP protocol, which seems to be blocked by the mobile internet provider if you can't access anything on the ASA inside network (this is assuming that your VPN stats are showing that traffic is getting encrypted) and on the ASA stats (show cry ipsec sa), there are no decrypt packets.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...