I recently upgraded the IOS on our 1751 router to 12.4(5) and consequently broke the remote access VPN that I set up about 2 years ago. I noticed that for some reason I lost all the stored passwords for the vpn group and radius. After putting those back in, I can connect to the vpn successfully, but once connected I can't seem to pass any traffic across the tunnel. I can't even ping the client from the router. I've compared the running config with old backups and another currently working config, but I can't see any problems. In testing I also noticed that split tunneling is no longer working...
I've been staring at this config too long. Please tell me I'm just overlooking something simple.
so isakmp doesn't seem to be a valid command on my 1751 router, but I just fired up an old Pix-520 and typed "isakmp ?" and it DID list 'isakmp nat-transersal'. which is good to know, but doesn't help me any.
however I found this quote in the Cisco IOS Security Configuration Guide, Release 12.4:
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...