IPSec tunnel not working through ASA
Posted on 2011-02-11
I am having a fit trying to configur an IPSec tunnel through our ASA 5505. We are attempting to connect multiple Netgear FVS318v3 routers on our internal network through the ASA to a hosted Cisco VPN concentrator. The Netgear connects up fine and we can access the hosted network fine from several remote locations (including my home which is NAT'd by a Linksys router) as well as if we bypass the ASA and connect directly to our ISPs router. However, when connected to the ASA the VPN tunnel shows established, but no traffic will pass either way across the tunnel.
The ASA is running version 8.0(4). I have allowed IPSec, isakmp, and UDP 4500 on the ASAs external interface and also enabled NAT-T. I have also verified that the hosting company has NAT-T enabled on the concentrator.
I'd like to avoid static NATing a public IP to each device inside as when these go out into the field they will be used on a myriad of networks. Including placing multiple routers on a single network with a NAT'd Internet connection. Any ideas are greatly appreciated and just let me know if more information is needed.