ipsec pass-thru and nat-t for ASA
Posted on 2011-09-20
I originally posted a question regarding the gre-ipsec configuration of a linux red hat server and quickly realized my problem is not with the server config but with the ASA...
Site A has a Router A with public ip 22.214.171.124. Site B has a nat wall (the ASA) and outside ip 126.96.36.199 and inside ip 192.168.5.8 for the server which is terminating the tunnel. Those IPs are the global and local IPs of the server respectively.
Both endpoints are running nat traversal. The ASA doesn't need to run nat-t because it is not terminating the tunnel, it is just a pass-thru box for the gre-ipsec tunnel. Or so I claim.
Can someone shoot me the config update lines needed for the ASA to allow this?