Remote VPN issue with ASA 5510

Need a quick answer on this:

I have a Cisco ASA 5510 with many IPsec remote access vpn users connected through Cisco remote software. We send out our .pcf file and have them install the software on their PC/laptop, etc. This seems to work flawlessly for everyone except one particular company. They can connect to the ASA but can not see anything beyond that.

Their tech is telling me I need to enable: isakmp nat-traversal 20 for it to work, but I don't understand why I should do this when everyone else is perfectly fine.

In case it matters we also use split-tunnel on the remote VPN connections.

LVL 12
Who is Participating?

Improve company productivity with a Business Account.Sign Up

Ernie BeekConnect With a Mentor ExpertCommented:
It could be an option. On the other hand, would it hurt to enable the Nat traversal? Are there specific reasons you don't want to implement that?
Ernie BeekExpertCommented:
As per:

'nat-traversal' allows a VPN client that's behind a NAT device (router or firewall performing NAT translation) to successfully connect to a PIX via VPN.  NAT-traversal is off by default, so you have to enable it, as you've seen above.  Without nat-traversal, a VPN client that wanted to connect to your PIX would have to have a public IP directly configured on it, such as: a) using a DSL or cable modem connected to your PC, or b) PC connecting via dialup.
michaelgoldsmithAuthor Commented:
Makes sense, however I can connect from one of my own remote locations behind an ASA using the remote VPN connection and access the LAN at the other side.
Ernie BeekExpertCommented:
Just thinking, there is also a Nat option in the client. Might want to have a look at that.
Second, do they have an asa at the other side?
michaelgoldsmithAuthor Commented:
Not sure what the device is on the other side. I can inquire.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.