You must have something wrong configured or NAT is done on the edge router :)
2011/9/8 waleed ' <[email protected]> > > but the question is , how ipsec packet routed on the internet and it has > private IP in the source field ,because no one nat it now and it has the > private ip of client machine? > ------------------------------ > From: [email protected] > To: [email protected]; [email protected] > CC: [email protected] > Subject: RE: [OSL | CCIE_Security] IPsec Through ASA > Date: Thu, 8 Sep 2011 11:37:02 +0000 > > > @pitor it is through firewall > @kingsley I lost the nat it is working nice now > > ------------------------------ > Date: Thu, 8 Sep 2011 11:44:27 +0200 > Subject: Re: [OSL | CCIE_Security] IPsec Through ASA > From: [email protected] > To: [email protected] > CC: [email protected]; [email protected] > > In case the tunnel is terminated on the ASA... > > > 2011/9/8 Kingsley Charles <[email protected]> > > Exempt the VPN traffic using NAT exempt. > > With regards > Kings > > > On Thu, Sep 8, 2011 at 1:48 PM, waleed ' <[email protected]> wrote: > > > Dear pitor , sorry for the general question I will in future , > if there is patting for inside users on outside interface and we inside > user need vpn on server on the outside what we have to add to config ? > ------------------------------ > Date: Thu, 8 Sep 2011 10:13:04 +0200 > Subject: Re: [OSL | CCIE_Security] IPsec Through ASA > From: [email protected] > To: [email protected] > CC: [email protected] > > > Depends on where the traffic is originated from. > If from the Inside, then you need IPSec pass-thru inspection enabled or > pass ESP on the outside ACL (in inbound direction). > If from the Outside, then you need to pass UDP/500 (or UDP/4500 if NAT is > enabled) and ESP on the outside ACL (in inbound direction). > > Could you please ask more specific questions in the future? > > Regards, > Piotr > > > 2011/9/8 waleed ' <[email protected]> > > What we need to enable IPsec through ASA ? > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
