Cisco UCM 500 VPN Weird Issue

mohdkadie · ‎12-25-2012

Hey all,

i hope everyeone is ok

i am facing an issue

I have Cisco UCM 520 Router having latest IOS : uc500-advipservicesk9-mz.124-22.YB5.bin"

My configuration is as the following:

I have VPN site-to-site between 2 sites (Between Cisco UCM 520 to 2x Cisco 1841 ISR Router)

I have VPN Remote access

every 15 mins when i do :

show ip nat translation esp i see:

esp My Public IP:0 Client from my LAN ::0 One Public IP from the Other Site we having Site-To-Site:3729792424 One Public IP from the Other Site we having Site-To-Site :DE501DA8

esp My Public IP:0 Client from my LAN ::0 Second Public IP from the Other Site we having Site-To-Site :1483044416 Secod Public IP from the Other Site we having Site-To-Site :58657640

and the other thing:

All Clients from INSIDE can access internet but no more VPN

People from outside can't initiate VPN remote access neither can ping or SSH anymore to the CISCO UCM 520

Is there any solution for this please??

Thanks in advance

mohdkadie · ‎12-25-2012

Also the new strange when i issue:

show ip nat translation udp | in :500

i can find : Local Clients from insidie trying to initiate ISAKMP port 500 with the 2 other branches router directly

like this:

udp

My Cisco UCM 520 Public IP:0:500 192.168.254.57:500 One Public IP from the Other Site we having Site-To-Site :500

One Public IP from the Other Site we having Site-To-Site :500

Why is happening like that!!

if i do:

clear ip nat translation * (everything will work fine for 10 - 15 mins and cycle again)

Note: MY VPN site-to-site is configured in the SVTI Tunnel

Please help with too many thanks