01-04-2019 09:21 PM - edited 03-12-2019 04:18 AM
Hey Guys;
Hopefully I can get some help here with this issue, as my head is spinning around in circles trying to figure this out. Long story short: my friend and I are doing a site-to-site VPN using a 1900 Cisco router >>> Cisco FW >>>> VPN Net. I believe I have the correct routes on my router and FW, but whenever my friend tests the VPN I keep getting "Deny inbound UDP from ISP/500 to FriendsWan/60710 on interface OUT". I have allowed all ports on all interfaces to test routes, but I keep getting the same message, as my friend can't VPN connect. Please can someone look over my setup and see what I'm doing wrong or what I can do to fix this; the VPN setup is my only project left and this is killing me (lol)...
Please see attachment for Fw and Router
Thanks
01-04-2019 10:07 PM
Looks like one of the devices is behind NAT. Look at this URL and make changes accordingly:
https://packetpushers.net/site-site-ipsec-vpn-nat/
01-05-2019 01:03 AM
01-05-2019 02:18 PM - edited 01-05-2019 03:24 PM
Hello;
Could it be possible that my NAT is a problem on my firewall? I tried exempting it and it didn't work; I tried enabling IP, UDP, TCP on all interfaces and it still doesn't work, but I can always see the traffic when my friend tries a VPN connection to me.
Thanks
01-05-2019 02:18 PM - edited 01-05-2019 03:22 PM
Hello;
It seems like when my friend starts the VPN connection it dies and ends once it hits my firewall, and the only maps I have are on my router to start the initiated VPN.
Thanks