Hopefully I can get some help here with this issue, as my head is spinning in circles trying to figure this out. Long story short: my friend and I are doing a site-to-site VPN using a 1900 Cisco router >>> Cisco FW >>>> VPN net. I believe I have the correct routes on my router and FW, but whenever my friend tests the VPN I keep getting "Deny inbound UDP from ISP/500 to FriendsWan/60710 on interface OUT". I have allowed all ports on all interfaces to test routes, but I keep getting the same message, as my friend can't VPN connect. Please, can someone look over my setup and see where I'm going wrong or what I can do to fix this? This is my only project left, the VPN setup, and this is killing me (lol)...
Please see attachment for Fw and Router
Looks like one of the devices is behind NAT. Look at this URL and make changes accordingly.
Could it be possible that my NAT is a problem on my firewall? I tried exempting it and it didn't work; I tried enabling IP, UDP, TCP on all interfaces and it still doesn't work, but I can always see the traffic when my friend tries a VPN connection to me.
It seems like when my friend starts the VPN connection, it dies and ends once it hits my firewall; and the only maps I have are on my router to start the initiated VPN.