IPSec-awareness NAT Spi-Matching Scheme

How do I find out if my Router has IPSec-awareness NAT spi-matching scheme  . . . I am having issues getting a tunnel up between my Cisco 2811 and a ASA . . . logs show it is using NAT-Traversal (default) . . . but I see refernces to SPI Matching. If they are conflisting I can trouble shoot.
Who is Participating?
You might take a look at http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ftsecnat.html

"SPI Matching
SPI matching is used to establish VPN connections between multiple pairs of destinations. NAT entries will immediately be placed in the translation table for endpoints matching the configured access list. This is available only for endpoints that choose SPIs according to the predictive algorithm implemented in Cisco IOS Release 12.2(15)T."

Do you multiple destinations on either the router or the firewall?
Kindly post your configuration of router and asa....
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.