Showing results for 
Search instead for 
Did you mean: 

Cisco SA520w

Allen Smith


Need help setting up VPN on Cisco SA520w

Comcast SMC router connected to Cisco SA520w. Comcast is on 10.1.10.x subnet. Cisco is assigned to (NAT'd) subnet via

This is what I have done:

Open ports on Comcast SMC router:

tcp 1723, 443

ip port 47

udp 500, 4500

udp `1701

tcp 1723, 443
ip port 47
udp 500, 4500
udp `1701

On Cisco SA520, went to VPN wizard enabled Cisco VPN client, selected remote access, set split tunnel, set IKE and VPN policies

When I try and connect via VPN Client, I get a 412 error. I tried opening the ports from the SA520.

no CLI is frustrating

I think the problem is all my interfaces are being NAT'd which is conflicting  with the VPN................

Frustrated and exhausted.....

Thanks for any help

2 Replies 2

Rising star
Rising star


This community does not provide technical support and is not staffed with technical support experts. I recommend you also post this and future technical support questions to the Cisco Support Community ( where our Cisco technical support experts provide assistance. Another option is to open a ticket with the Cisco Technical Assistance Center ( to get expert debugging assistance.

Hope this helps.

Kelli Glass

Moderator for Cisco Customer Communities

Nilo Noguera

Hi Allen,

Cisco SA520W Security Appliance is a product of our Cisco Small Business team and it's already an end-of-sale and end-of-life product.

You can also reach out to our SMB Technical team. This is the dedicated department who handles post sales inquiries such as feature support and system configuration. Our SMB engineers will be happy to attend to your inquiry. Please check if you have a Cisco contract such as SMARTnet or Cisco Software Application Support (SAS) Service is required to be able to be covered by TAC. Feel free to contact them via the following:

To check for the Cisco SMB Technical team support number per country, please check the link below:

If you don't have a Cisco contract such as SMARTnet or Cisco Software Application Support (SAS) Service to be able to be covered by TAC, you can post your question to the Cisco Support Community website ( and somebody will assist you with your questions.

I appreciate this opportunity to assist you and I do hope the information I sent you pointed you to the right direction.

Best regards,


Nilo Noguera

.:|:.:|:. Security Specialist, Cisco Global Virtual Engineering - Cisco Partner Help

"niLz" Nilo Noguera Jr. | Specialist, Virtual Engineering - Partner Helpline Organization together we are the human network
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers