Problem with portmap

[tschouten]

I have the VPN client working however it doesn't route any packets. I notice an error in the logs portmap translation creation failed for protocol 50 src: dst:

I have the vpngroup performing a split tunnel and I have sysopt connection permit-ipsec on the thing so I am sort of lost now. Any one have any clues or pointers.

Thanks

 

[melowery]

Can you post your config? You can change any sensitive info, but it would give us an idea of where to start.

 

[308win]

ESP is protocol 50.

Might be a problem with NAT-Traversal. Is the client behind another firewall? Have you tried it with the client directly attached to the internet? Is your pix code a recent version that supports NAT-Traversal?

 

[tschouten]

Thanks I in fact did not have NAT-Traversal on the machine. You have to forgive me I am a router guy getting firewalls shoved at him.

No the problem I have is when I connect with the client vpn it gets the routes its supposed to have access to but I cannot ping or access any device. I can ping myself as the client but nothing else.

Sighhh no training and doing this firewall configuring sucks!

If you need I'll post the config.

 

[tschouten]

I meant Now the problem is.....

 

[tschouten]

Funny thing is I can figure out how to get ospf,BGP and the like of that to work in a 50 router situation but this Firewall stuff stops me cold....makes me feel like a mental midget.

(hope midget doesn't offend anyone...)

Thank you all in advance.