VPN client Error -Syslog ID 305006

PROBLEM:

Network topology. Remote brach office with ASA firewall and VPN client on the remote LAN. Central Site with ASA firewall terminating the remote branch VPN client. I can not connect from inside my branch network to central network using VPN client. Earlier i had in my office FreeBSD and did not have this problem (I could connect to Central ASA using VPN client), when i changed FreeBSD to ASA this problem occur. VPN client is connected, tunnel is created but nothing more.
I get an error message :Syslog ID 305006 – regular translation creation failed for protocol 50 src inside:10.0.0.22 dst outside:6.168.y.x

SOLUTION:

On remote branch office ASA use:

ciscoasa(config)# policy-map global_policy
ciscoasa(config-pmap)# class inspection_default
ciscoasa(config-pmap-c)# inspect ipsec-pass-thru
ciscoasa(config-pmap-c)#exit

On Central Office ASA use:

PIX/ASA 7.1 and earlier: pix(config)#isakmp nat-traversal 20

PIX/ASA 7.2(1) and later: securityappliance(config)#crypto isakmp nat-traversal 20

Related posts:

1. Cisco AnyConnect SSL VPN Client on Cisco ASA 5500
2. Allowing Microsoft PPTP through Cisco ASA
3. How To Configure AnyConnect SSL VPN on Cisco ASA 5500
4. IP Phones behind a Cisco ASA 5505 Firewall
5. Comparison Between Cisco ASA WebVPN Technologies

Tagged with: cisco asa vpn error Syslog ID 305006 • nat transparency • nat-t

Filed under: Cisco ASA Configuration

Like this post? Subscribe to my RSS feed and get loads more!