07-14-2004 02:15 AM
Environment
CiscoVPN(CLIENT)---PassThruPix---Internet---RemotePix
I want to establish a VPN tunnel to the RemotePix, but I always get the logging message 305006.
What's wrong?
PIX Version 6.2
The authentication is ok....
ESP and udp/500 are permitted on the outside and inside interfaces
Please, I need help...
07-14-2004 10:42 AM
It may be a NAT or PAT issue. Check if you are allowing NAT via a static to allow the inbound ESP from the remotepix to the client on the passthrupix. If you are using PAT, then you need to upgrade to PIX 6.3.3 and run the fixup protocol esp-ike to allow IPSec to traverse PAT functions correctly. Alternatively, on the remote PIX upgrade the code to 6.3.3 and enable NAT traversal for IKE/IPSec sessions. Then on the passthrupix, allow UDP from the client to remotepix port 4500. The client will need to be reconfigured to use NAT-T via IPSec over UDP in that case.
Let me know if this helps.
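A log-triage sketch for the symptom in this thread, added here as an example and not posted by either participant: it scans PIX syslog for 305006 lines that name a port-less IP protocol such as ESP (protocol 50), the case the reply above attributes to PAT. The message layout in the regex, the `triage` helper and the sample lines are assumptions constructed for illustration.

```python
import re

# Assumed layout of PIX syslog 305006 ("translation creation failed").
# The thread only cites the message number, so this pattern is an assumption.
MSG_305006 = re.compile(
    r"%PIX-\d-305006: (?P<kind>[\w ]+?) translation creation failed for "
    r"(?:protocol )?(?P<proto>\w+) "
    r"src (?P<src_if>[\w-]+):(?P<src>[\d.]+)(?:/\d+)? "
    r"dst (?P<dst_if>[\w-]+):(?P<dst>[\d.]+)(?:/\d+)?"
)

# IP protocols that carry no TCP/UDP ports, so port-based PAT cannot map them.
PORTLESS = {"50": "ESP", "51": "AH", "47": "GRE"}

HINT = ("PAT has no port to rewrite for this protocol: use a static NAT for "
        "the client, 'fixup protocol esp-ike' on PIX 6.3.3, or NAT-T over "
        "udp/4500 on both ends")


def triage(lines):
    """Return one finding per 305006 line that names a port-less protocol."""
    findings = []
    for line in lines:
        m = MSG_305006.search(line)
        if not m or m["proto"] not in PORTLESS:
            continue  # other message, or a protocol PAT can translate
        findings.append({
            "protocol": PORTLESS[m["proto"]],
            "client": m["src"],
            "peer": m["dst"],
            "hint": HINT,
        })
    return findings


# Constructed sample lines using documentation addresses, not from the thread.
SAMPLE = [
    "Jul 14 02:10:01 %PIX-6-302015: Built outbound UDP connection 101 for "
    "outside:203.0.113.10/500 to inside:192.168.1.20/500",
    "Jul 14 02:10:03 %PIX-3-305006: regular translation creation failed for "
    "protocol 50 src inside:192.168.1.20 dst outside:203.0.113.10",
    "Jul 14 02:10:09 %PIX-3-305006: portmap translation creation failed for "
    "icmp src inside:192.168.1.20 dst outside:203.0.113.10 (type 3, code 3)",
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

IKE on udp/500 building successfully while protocol 50 fails translation matches the "authentication is ok" symptom described in the question.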
07-15-2004 12:00 PM
Upgraded to 6.3.3 with fixup protocol esp-ike, and now it's running.
Thanks, Marcus