Hi groupmembers,
I got a really big problem.
I have seen this both working on some PIX's and not working on others, all running 6.3.x
common is that I run interface PAT.
the PIX are internet gateways, so does not have any "strange" or unusual config, just plain global and Nat statement for outbound webaccess in HotSpot solutions.
Several users use Cisco VPN client towards VPN3000 headends.
UDP encap on both udp/10000 and 4500 (NAT-T)
The first user connects just fine.
And this is the real problem:
Whenever a second user tries to connect via VPN the PIx report Protmap translation creation failed !!
I can see in show xlate, that udp/500 is PAT'ed to ... udp/500 !! so no PAT oon low ports !
OMG this problem should have been solved in rel 6.2 !
What is going on here ?
I am very upset about this problem, as it should not have been there.
I have tried 6.3.3 and 6.3.4
I got a really big problem.
I have seen this both working on some PIX's and not working on others, all running 6.3.x
common is that I run interface PAT.
the PIX are internet gateways, so does not have any "strange" or unusual config, just plain global and Nat statement for outbound webaccess in HotSpot solutions.
Several users use Cisco VPN client towards VPN3000 headends.
UDP encap on both udp/10000 and 4500 (NAT-T)
The first user connects just fine.
And this is the real problem:
Whenever a second user tries to connect via VPN the PIx report Protmap translation creation failed !!
I can see in show xlate, that udp/500 is PAT'ed to ... udp/500 !! so no PAT oon low ports !
OMG this problem should have been solved in rel 6.2 !
What is going on here ?
I am very upset about this problem, as it should not have been there.
I have tried 6.3.3 and 6.3.4