cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
576
Views
0
Helpful
1
Replies
Highlighted

EZvpn IOS to ASA behind NAT

Hi,

I am trying to set-up ezvpn between a 881W(client) and and ASA5510 (server). The setup works correctly if the 881W is directly connected to the ISP. But I need to connect it behind a ASA5505 with NAT. This way the VPN do not mount.

In the ASA5510 (ezvpn server) the group-policy includes the following commands:

ipsec-udp enable

ipsec-udp-port 10000

But it looks like the 881W still try send traffic over esp.

Any advices to bring this up ?

Pascal

1 REPLY 1
Highlighted
Advocate

make sure you are forwrding UDP 4500 - L2L VPN's do not negotiate NAT-T ports, they use the RFC defined - UDP 4500.

HTH>