09-15-2008 04:31 AM - edited 02-21-2020 03:56 PM
I have been fighting with this odd error for way too long now. I have an IPSEC VPN setup (this is on a Cisco 5510-ASA) and when I test it under our dialup account, "we use this just to test the VPNs" I can terminate and get my routes (split-tunneling is on). I can ping the hosts I setup without issue as well.
Now when I disconnect this VPN and try either my AT&T T1 here at the office or my cable connection at home, both on the same laptop that worked with dial-up, again I can terminate the VPN and get the routes yet this time I cannot ping the servers at all. I hate to recreate the wheel or in this case the VPN when it does appear to work...this is the strangest error I have seen yet. I have even called in the cable company to check their lines to see if they are blocking anything which they assured me they are not and all traffic for this connection are wide open. I can send traffic out the VPN but cannot receive anything.
Any assistance with this is greatly appreciated.
Rick
09-15-2008 05:40 AM
Hi Rick,
I think IPsec (esp packets) is being blocked by NATing done by your cable ISP or AT&T T1 .
Enable NAT traversal on the VP head end device . In your case ASA ,
"isakmp nat-traversal 30"
HTH
Saju
Pls rate helpful posts
09-18-2008 06:11 AM
Hey, thanks for the insight. I tried this out and got the same issue. I can send but receive nothing when connected via high speed.
Dial up still works fine though..
Rick
09-19-2008 05:44 AM
Strange thing is, Dial up works yet high speed does not even though they terminate to the same device and credentials...
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide