We have a situation where a remote-access VPN is established (Phase 1 & 2), and show crypto isakmp sa says "AM_ACTLIVE". The ASA say zero packets encrypted or decrypted for this VPN.
We think it may be a firewall in the middle that does not allow NAT Traversal.
Is that a fair assumption?
How does the VPN get established if NAT Traversal is not active in the middle of the stream?