Thanks for all of your help.
I needed the route inside 172.20.5.0 255.255.255.0 192.168.1.x 255.255.255.0 command.
Evertything appears to be working correctly now.
Ran into another problem this morning. I've tested everything on my end and it works great. Client has a new web server that we are supposed to RDP into once connected to VPN and set up. From my office logged in with our account, I can RDP to the server fine. From a different office, my web developer tries to log in and gets connected fine but can't RDP into the server. Any ideas why it would work from here but not from there?
It enables nat-traversal which allow you to have ipsec esp packets encapsulated in udp. To put it simply, if a vpn client is behind a pat/nat device, ipsec and pat are incompatible, therefore nat-t must be enabled and used. It runs over udp port 4500.
I am in a middle of setting up an ipsec-vpn with ikev2. but my tunnel-group ipsec attributes will not accept
ikev2 command. Please refer to output below:
ata-FW(config)# tunnel-group RAVPN ipsec-attributes
tunnel-group configuration commands:
authorization-required Require users to authorize successfully in order to
chain Enable sending certificate chain
exit Exit from tunnel-group IPSec attribute configuration
help Help for tunnel group configuration commands
ikev1 Configure IKEv1
isakmp Configure ISAKMP policy
no Remove an attribute value pair
peer-id-validate Validate identity of the peer using the peer's
radius-with-expiry Enable negotiation of password update during RADIUS