07-12-2004 01:04 PM - edited 02-21-2020 01:14 PM
With my setup for the VPN Client, if a dial-up with my windows machine I can connect to the Pix, Authenticate and gain access to my internal network.
However from home I connect via ISDN through my 1603 and I am running NAT overload to my bri address. When I use my VPN Client I can connect to the Pix and authenticate, however I see that my packets that get encrypted aren't received by the Pix. It basically looks like the tunnel is established correctly but there is no data transfer.
What can I look at to see why my traffic isn't getting there.
07-13-2004 05:26 AM
Scenario: Trying the same as above but from behind another Pix ......better logging than the router ;)
In addition to this I have been playing around. I have noticed that it seems with the IPSec/UDP enabled in the client somehow ESP isn't being encapsulated. The initial connection to the Pix is and once I'm authenticated and try and ping a device on the internal network my Pix picks up the following:
portmap translation creation failed for protocol 50 src my inside addy to the remote Pix addy.
This leads me to believe that the IPSec/UDP aint working.
Is there anything in addition on the Pix I have have to do for this?
I need to be able to use the VPN Client from behind any NAT device.
07-14-2004 06:38 PM
Hi
Try the following command on the pix side , be advised this requires version 6.3.3
isakmp nat-traversal
regards
FEC
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide