<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: Client VPN through ASA in Network Security</title>
    <link>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718546#M970795</link>
    <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;Right - &lt;/P&gt;&lt;P&gt;This is usually set on the Remote server end.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;The option - IKE over TCP &amp;amp; Port number is available in the client. there is a UDP option also for this. &lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;The default port for cisco is 10000.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;you can find this by inititing a session form the client &amp;amp; typing the following command &lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;show conn local ( ip of the client )&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;it will show you the connections&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
    <pubDate>Thu, 23 Aug 2007 12:12:46 GMT</pubDate>
    <dc:creator>anandramapathy</dc:creator>
    <dc:date>2007-08-23T12:12:46Z</dc:date>
    <item>
      <title>Client VPN through ASA</title>
      <link>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718541#M970788</link>
      <description>&lt;P&gt;HI,&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Does anyone know whats going on here? One of the clients on the network launches a cisco vpn client to an external resource and the client connects and is authenticated but no traffic passes. &lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;PAT is in use on the outside interface.&lt;/P&gt;&lt;P&gt;I have enabled nat traversal and sysopt connection permit-ipsec.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Thanks&lt;/P&gt;</description>
      <pubDate>Mon, 11 Mar 2019 11:01:11 GMT</pubDate>
      <guid>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718541#M970788</guid>
      <dc:creator>kinskins01</dc:creator>
      <dc:date>2019-03-11T11:01:11Z</dc:date>
    </item>
    <item>
      <title>Re: Client VPN through ASA</title>
      <link>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718542#M970789</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;Hi, it is not you but the owner of the remote vpn server that has to enable nat traversal as it is part of the IKE negotiation between the IPSec peers.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Regards,&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;/Mattias&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Wed, 22 Aug 2007 14:06:23 GMT</pubDate>
      <guid>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718542#M970789</guid>
      <dc:creator>mattiaseriksson</dc:creator>
      <dc:date>2007-08-22T14:06:23Z</dc:date>
    </item>
    <item>
      <title>Re: Client VPN through ASA</title>
      <link>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718543#M970791</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;HI thanks for the response. &lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;I have recently replaced a Sonicwall with an ASA and the connection worked fine through the Sonicwall.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Any ideas?&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Wed, 22 Aug 2007 14:38:26 GMT</pubDate>
      <guid>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718543#M970791</guid>
      <dc:creator>kinskins01</dc:creator>
      <dc:date>2007-08-22T14:38:26Z</dc:date>
    </item>
    <item>
      <title>Re: Client VPN through ASA</title>
      <link>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718544#M970792</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;If you only have one client on your LAN you can use IPSec passthrough which is not enabled by default.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;In ASA I think the command is inspect ipsec-pass-thru.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;A sonicwall has probably all features enabled by default, wouldn't suprise me.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Wed, 22 Aug 2007 14:50:31 GMT</pubDate>
      <guid>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718544#M970792</guid>
      <dc:creator>mattiaseriksson</dc:creator>
      <dc:date>2007-08-22T14:50:31Z</dc:date>
    </item>
    <item>
      <title>Re: Client VPN through ASA</title>
      <link>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718545#M970794</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;HI,&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;When the vpn was established from the client I got the following warnings on the ASA:&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;regular translation creation failed for protocol 50 src inside:192.X.X.X. dst outside:159.X.X.X&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Its related to PAT so I went and put in a static entry for the client so it nats out to its own Public IP and hey presto it worked.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Thanks for your help&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Thu, 23 Aug 2007 07:46:36 GMT</pubDate>
      <guid>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718545#M970794</guid>
      <dc:creator>kinskins01</dc:creator>
      <dc:date>2007-08-23T07:46:36Z</dc:date>
    </item>
    <item>
      <title>Re: Client VPN through ASA</title>
      <link>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718546#M970795</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;Right - &lt;/P&gt;&lt;P&gt;This is usually set on the Remote server end.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;The option - IKE over TCP &amp;amp; Port number is available in the client. there is a UDP option also for this. &lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;The default port for cisco is 10000.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;you can find this by inititing a session form the client &amp;amp; typing the following command &lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;show conn local ( ip of the client )&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;it will show you the connections&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Thu, 23 Aug 2007 12:12:46 GMT</pubDate>
      <guid>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718546#M970795</guid>
      <dc:creator>anandramapathy</dc:creator>
      <dc:date>2007-08-23T12:12:46Z</dc:date>
    </item>
    <item>
      <title>Re: Client VPN through ASA</title>
      <link>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718547#M970796</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;Hello there, you might want to have a look at this article that explains that you need to create an ACL with ACE in the new verison 8.0 of the ASA IOS to get the traffic flowing!&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;&lt;A class="jive-link-custom" href="http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080702992.shtml" target="_blank"&gt;http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080702992.shtml&lt;/A&gt;&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Thu, 23 Aug 2007 12:14:31 GMT</pubDate>
      <guid>https://community.cisco.com/t5/network-security/client-vpn-through-asa/m-p/718547#M970796</guid>
      <dc:creator>sdvorderh</dc:creator>
      <dc:date>2007-08-23T12:14:31Z</dc:date>
    </item>
  </channel>
</rss>

