Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2124
Views
0
Helpful
0
Replies

NAT-Traversal in ASA

Srinivasan Nagarajan
Level 1
Level 1

‎10-22-2018 02:24 AM - edited ‎02-21-2020 08:22 AM

Hi Experts,

 

 We've configured Remote Access IPSEC VPN on ASA (9.1). Users are configured to use VPN client. From the various blogs, I see "crypto isakmp nat-traversal"command is required for NAT-T but I don't see any configs relating to NAT-Traversal in ASA.  Please assist.

 

1.Is NAT-T allowed by default in ASA...?

2.Should we need to allow UDP-4500 in Outside Interface ACL...?


ASA # show vpn-sessiondb ra-ikev1-ipsec

Session Type: IKEv1 IPsec

Username : 12345 Index : 10489
Assigned IP : XX.198.175.30 Public IP : XX.242.13.39
Protocol : IKEv1 IPsecOverNatT                           ---------->>>>
License : Other VPN
Encryption : IKEv1: (1)AES256 IPsecOverNatT: (1)AES128
Hashing : IKEv1: (1)SHA1 IPsecOverNatT: (1)SHA1
Bytes Tx : 40104101 Bytes Rx : 2774721
Group Policy : GroupVPN   Tunnel Group : GroupVPN
Login Time : 03:10:53 EDT Sun Oct 21 2018
Duration : 2h:09m:30s
Inactivity : 0h:00m:00s
NAC Result : Unknown
VLAN Mapping : N/A

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card