Need help, a problem with IPSec and NAT - T

We had a successful between a Cisco remote access client and the ASA connection.   The connection is more data transfer, but the Phase I and Phase II complete successfully.   There are several sections between separate networks for the remote user to the ASA, including hotlines of Verizon and Verizon's ISP.

Troubleshooting Cisco guides strongly suggests, it is a problem of NAT - T, but when I turn on debugging 254 isakmp and debug ipsec 254, I get only a modest messages on NAT - T, which is "Recieved NAT-Traversal version 02 VID.   This message and connections, are when I disabled it on the ASA of NAT - T.

If I enable NAT - T on the SAA, the remote client cannot establish Phase I or II; I was not able to gather debugs on this scenerio yet.

The customer has a second laptop, both of them experience the same problem.  We have ensured that the Tunneling, UPD 4500 is activated.

I suspect that an intermediary device or Verizon, changed something.

What should be my next troubleshooting (unfortunately, I can't post the configs)?

Kind regards

j

From my very limited experience, both sides must have the NAT - T enabled, otherwise the side who did not need NAT - t won't be able to read the part of the IP header because it is encrypted.

Good luck!

Pedro

Tags: Cisco Security

Similar Questions

  • Please help, audio problem with XW6600 and NVS 315

    Greetings:

    I just buy a renovated, XW6600 Xeon dual processor, 8 GB of RAM, Windows 7 Professional 64 bit system.  The PC comes with a nVidia NVS 290 graphics card.  Everything works fine and the speaker in the motherboard Jack produces sounds.  However, when I change the NVS 290 with a NVS 315 (it is a HP 720837-001 replacement part), the sound stops working.  The speaker in the systray icon has a red circle with an "x" in it.  If I right click on the speaker, the playback device, it shows two TV as icon one above the other with a red arrow pointing down and a description on the righ side saying "Digital Audio (HDMI) high definition Audio Device not connected.   I have the same result in 64-bit Windows 8.1.  The problem is resolved, if I reinstall the NVS 290.  For both cards, I use the latest version of the nVidia Driver and driver HP.  Am I missing something?

    Any help to solve this problem is greatly appreciated.

    First of all, you want to be sure to load the latest version of the BIOS on this xw6600.  It is from the end of 2012.

    I met this problem several times... do not know if these suggestions will help, but I think that your experience may be related to previous losses audio when the latest drivers are loaded that contain "pilot high-resolution audio" in the game of video driver.

    The current Quadro NVS 315 W7 64 bit graphics drivers Quadro ODE 320.92, which work well in my xw6400, xw6600 and xw8400 workstations running several types of cards Quadro FX and NVS.  If you have used the standard installer downloaded and used the standard "recommended" install that he threw into about 5 pieces, that only one you really need (selected by default single main driver in a custom installation).  That's all I use now, throughout my nVidia installs, and I also check the clean install box on the last page before loading begins in the custom installation path that I go down.   So, to charge fees, I first uninstall anything nVidia via the control panel and then hunt around on drive C for nVidia remains in the trash.  This includes any folder with nVidia in its title, including temporarily enable Show hidden files and folders in the tab views in the Folder Options Control Panel.  I then reboot and finally make this unit "clean install" - checked - technical of custom installation.

    Try this approach first... it's easier.  You might have luck, and audio can return.

    One of the elements that was installed in the "recommended" non-custom installation was a driver of nVidia high-resolution audio.  This seems to conflict with / replace the RealTek driver who was using your audio RealTek chipset on the motherboard.  I discovered that there is a part of BIOS for those workstations which is usually hidden, but sometimes becomes visible with installing drivers high-resolution audio.  F10 in the BIOS, go to the Advanced tab, down for the terminal Options and check if rebalanced Audio appears just above monitor follow-up.  If he was not hidden by the nVidia high-resolution audio driver load then it will virtually always disable status.  Change to activate, F10 to save the change and BIOS don't forget to save changes on exit and F10 again when BIOS asks.

    We got exactly that occur as a result of installing the drivers nVidia GeForce to a GeForce GTX 650 Ti BOOST on a xw8400 and I saw that happen with these latest nVidia Quadro driver packages, too.

    This is the second best method to solve the problem, if it works.

    Another approach is to save your current BIOS settings via replicated in the BIOS Setup, load into my settings to clone xw6600 (attached) and see if the sound comes back like that.  Sometimes integrated Audio remains hidden when we F10 in the BIOS, but my clone settings was set correctly even though the option remains hidden.  You can open the attached CPQSETUP. TXT file with Notepad and Find allows you to do a search for "audio"... the second shot will be the Audio integrated, one.  Note that it is configured to allow this clone... He usually lies in a status of disable, otherwise.

    You can edit it with Notepad, except that, and charge that the version of your original settings of the BIOS using replicated Configuration changed if you want to use this technique with other types of work, such as the xw8600 workstations.  You will always find this entry via this method, even though it is hidden when you look directly into the BIOS, so it's a good thing to know.

    It is the third most easy.

    Fourth... you start dinking autour with drivers in Device Manager.

    Replicated configuration function of the BIOS with a USB, it is very easy to save your original BIOS settings, try another set of settings and return to your original if you wish.  The clone CPQSETUP. TXT file can be edited by hand (with caution) to convert a Disable to activate, for example, saved and then downloaded into your BIOS firmware.  If you want to try attached BIOS xw6600 clone settings make sure to change off the coast of the "xw66002" so that only CPQSETUP. TXT is on your USB... Replicated configuration works which with a file named exactly that.

    I posted here a few days on exactly the configuration of the workstation this clone has been optimized dethrone archive on it.

    Finally, please post back with your findings because it has become a more common problem, and the more data we have here: it is likely, we will find the fastest solution boilerplate.

  • Need help - connection problem with R12.1.1 (Vision) on Windows 2008 R2 (Datacenter)

    Hello

    (1) we made a fresh install of R12.1.1 (Vision) on Windows Server 2008 R2 for demonstration purposes at the senior management and upgrade planning. Running on 11.5.10.2.
    (2) installation went fine. We follow all the necessary prerequisites for installation.
    (3) after the installation, we did run autoconfig for DB as well as the APPlication and started services.
    (4) we are able to see the page of connection, but not able to connect using generic accounts of OPERATIONS/WELCOME or SYSADMIN/SYSADMIN.
    (5) send the document screenshot and a newspaper for your perusal. Please provide your e-mail id. Not able to attach here.

    Please help us with diagnosis and solution.

    Thank you and best regards,
    Renaud.

    Published by: 988810 on February 18, 2013 18:23

    Please change the password for these users by using FNDCPASS and then - check loss of password SYSADMIN. How to know the password of the user SYSADMIN [ID 1066661.1]

    Thank you
    Hussein

  • Need help from base with Acrobat and LiveCycle

    This is my first time using Acrobat and LiveCycle for design a form. Basically what I need is a title that is editable and that I want to insert a text box below so people can type in the box and then print the entire page with their comments. I can do all this, except that the problem is when I insert the text box, the cursor is justified to the left, but appears in the middle of the text box. So when people start to type, there is a huge gap between the title and what they typed. I want their typing will appear directly below the heading. What I am doing wrong? See attachment for a Visual explanation. Thank you.

    You can have the text in the jusitied high-field. This is controlled on the palette of fonts. Activate the palette of fonts in the menu window. Usually, it will appear at the bottom right of the screen. Now highlight the field you want to adjust. Make usre that the paragraph tab is slected. Click on the little drop-down list arrow indictaed in yellow in the screenshot and select "change value". Now click the upper justification as indicated by the arrow in the csreen turned.

    Paul

  • Need help to developers with Q5 and Q10

    Hi all

    Those of you who have BlackBerry Q5 and Q10, could you please compile & run this small application on your device: https://l-homes.org/~leppa/bb10/dpi.zipand post the numbers is displayed?

    It will display the resolution of the screen as reported by bb::device:isplayInfo class and calculated from these values of DPI. I only have Z10, but I need to know what are these values on other devices.

    Thank you all in advance for your help.

    Here is the result of a Dev Alpha C, which is supposed to be identical to the Q10 hardware:

    resolution 13090.9091796875 13090.9091796875
    pixelSize 720 720
    55 55 physicalSize

    The release of these three properties DisplayInfo, from file QML (do not use your own code).

    Hope that helps!

  • I'm having a lot of problems with firefox and cannot figure out how to get help. It all started when I updated to 13. I get all kinds of advertising popups, I can't play a

    I'm having a lot of problems with firefox and cannot figure out how to get help. It all started when I updated to 13. I get all kinds of advertising popups, I can't play a game on FaceBook called Farm Town at all, and I get a popup of AVG on the cookies that I can't get rid of. These issues are causing me to use Chrome quite often, although I like Fox better. I've searched and searched how to get help and find nothing. How can I get personalized technical help? These problems will not occur in Chrome at all. Thank you.

    Do a check with some malware malware, analysis of programs on the Windows computer.

    You need to scan with all programs, because each program detects a different malicious program.

    Make sure that you update each program to get the latest version of their databases before scanning.

    Alternatively, you can write a check for an infection rootkit TDSSKiller.

    See also:

  • Is anyone able to run Adobe CS5 with El Capitan now? I've read about problems with Illustrator and photoshop, but these seem to be in 2015 Octobe5. She improved at all? I need to upgrade that I am running an old OS v but I need to run CS5.

    I've read about problems with Illustrator and photoshop on EL Capitan, but these seem to be in October 2015. She improved at all? I need to upgrade that I am running an old OS v but I need to run CS5. Can not afford to go to CC. I have a Macbook Pro.

    CS5 and 10.11 are not supported and will never be supported by Adobe or Apple.

    However it works for some, more actually, but not all. There are sporadic problems with Illustrator, Photoshop seems to be the best. Do not expect an improvement and keep in mind that anyone from Adobe, Apple or anywhere else will fix it.

    Do a clean install

    Make sure you have the Apple Java

    h ttps://support.Apple.com/kb/DL1572?locale=en_US

    Make sure you have your serial number and if you are having problems with the serial number or the serialization however adobe of web server will not support your problem.

    update the application via photoshop.

  • Cisco ASA Site to Site VPN IPSEC and NAT question

    Hi people,

    I have a question about the two Site to Site VPN IPSEC and NAT. basically what I want to achieve is to do the following:

    ASA2 is at HQ and ASA1 is a remote site. I have no problem setting a static static is a Site to IPSEC VPN between sites. Guests residing in 10.1.0.0/16 are able to communicate with hosts in 192.168.1.0/24, but what I want is to configure the NAT with IPSEC VPN for this host to 10.1.0.0/16 will communicate with hosts in 192.168.1.0/24 with translated addresses

    Just an example:

    N2 host (10.1.0.1/16) contacted N1 192.168.1.5 with destination host say 10.23.1.5 No 192.168.1.5 (notice the last byte is the same in the present case,.5)

    The translation still for the rest of the communication (host pings ip destination host 10.23.1.6 N3 N2 not 192.168.1.6 new last byte is the same)

    It sounds a bit confusing to me, but I've seen this type of configuration before when I worked for the supplier of managed services where we have given our customers (Ipsec Site to Site VPN with NAT, don't know how it was setup)

    Basically we contact the customer via site-to-site VPN hosts but their real address were hidden and we used as translated address more high 10.23.1.0/24 instead of (real) 192.168.1.0/24, last byte must be the same.

    Grateful if someone can shed some light on this subject.

    Hello

    OK so went with the old format of NAT configuration

    It seems to me that you could do the following:

    • Configure the ASA1 with static NAT strategy

      • access-list L2LVPN-POLICYNAT allowed ip 192.168.1.0 255.255.255.0 10.1.0.0 255.255.0.0
      • public static 10.23.1.0 (inside, outside) access-list L2LVPN-POLICYNAT
    • Because the above is a static NAT of the policy, this means that the translation will be made only when the destination network is 10.1.0.0/16
    • If you have for example a PAT basic configuration to inside-> external traffic, the above NAT configuration and the custom of the actual configuration of PAT interfere with eachother
    • ASA2 side, you can normally configure NAT0 / NAT Exemption for the 10.1.0.0/16 network
      • Note of the INTERIOR-SHEEP access-list SHEEP L2LVPN
      • the permitted INSIDE SHEEP 10.1.0.0 ip access list 255.255.0.0 10.23.1.0 255.255.255.0
      • NAT (inside) 0-list of access to the INTERIOR-SHEEP
    • You will need to consider that your access-list defining the VPN encrypted L2L traffic must reflect the new NAT network
      • ASA1: allowed to access-list L2LVPN-ENCRYPTIONDOMAIN ip 10.23.1.0 255.255.255.0 10.1.0.0 255.255.0.0
      • ASA2: list L2LVPN-ENCRYPTIONDOMAIN allowed ip 10.1.0.0 access 255.255.0.0 10.23.1.0 255.255.255.0

    I could test this configuration to work tomorrow but I would like to know if it works.

    Please rate if this was helpful

    -Jouni

  • Compatibility problem with Vista and iTunes

    I downloaded iTunes 9 on my Tobisha laptop Satellite last night and put about 2.5 GB of music on it. I didn't upload the music from the internet. I used MP3s, I had for a few years.

    When I went to boot up the laptop this morning the loading process took some time, but it never loaded to the login screen. I just see the bottom of MicroSoft. Is there a compatibility problem with Vista and iTunes? Maybe I put too much music on my laptop?

    Boot in safe mode and delete iTunes and all the music I downloaded would solve the problem? Or it is less simple than that?

    Don't know where to direct this question if any help you could provide would be greatly appreciated.

    Thank you.

    Hello

    iTunes is compatible with Vista and there should not be any problem.
    Yesterday, I installed iTunes 9 on my U400 and everything happened correctly.
    If your laptop can not boot Vista correctly, then you should try the repair feature.

    Turn on the computer and press F8. Now you will see the advanced boot menu.
    Now, you have many choices.

    As a first step, you should try the option called: last good known Configuration (Advanced)

    If this will not help and the Vista will not start then try the option called repair your computer. This option displays a list of system recovery tools, you can use to repair startup problems, run diagnostics, or restore your system.

    If that does not help, then you will need to retrieve the unit using the Toshiba recovery disc or HARD drive recovery.

  • I have a problem with scrolling and typing on the computer.

    Original title: I have problems with scrolling and typinging after a minute or so without the computer trying to go in the background, any help would be great because I will to throw the mouse across the screen very soon

    as noted above, totally tired, I must right click of mouse to wake up on this page, I did it while typing grrrr big time. Help pleeeease

    Hello

    Thanks for posting your question in the Microsoft community.

    I see that you have a hard time to work with the mouse.

    1. What is the brand and model of the mouse?
    2. The problem occurs on any program or when you perform a task in a particular program?

    Try these steps and see if that solves the problem of performance of your mouse.

    Method 1:

    You can check that the mouse buttons are set correct.

    Refer to the section "Change how the mouse buttons works", from following link to learn more about the same:

    Change the settings of the mouse

    http://Windows.Microsoft.com/en-us/Windows7/change-mouse-settings

    Method 2:

    You can uninstall and reinstall the drivers for the mouse on your computer, to do so follow the steps mentioned below.

    a. click Start, click Control Panel , and then click Device Manager. If you are prompted for an administrator password or a confirmation, type the password or provide confirmation.
    b. in the Device Manager, look for the device under the mouse and other pointing devicesand then double-click the device name.
    c. click on the Driver tab, and then click uninstall the driver.

    d. restart the computer and it will automatically re - install the drivers of.

    Note:

    You can also update mouse drivers by visiting the manufacturer's Web site.

    See this link for more information:

    Updated a hardware driver that is not working properly

    http://Windows.Microsoft.com/en-us/Windows7/update-a-driver-for-hardware-that-isn ' t-work correctly

    Let us know if you need help on this question or any question about Windows.

  • Problems with clicking and scrolling when you are using the mouse in IE

    Separated from this thread.

    Original title:

    Problems with clicking and scrolling when you are using the mouse

    I have the same problem.  My touchscreen responds but my touchpad and mouse are unable to save a click in IE.  I need to reboot to rectify.  It seems to be more common when the laptop comes out of fashion 'sleep'.   I tried all the steps above, everything is up-to-date.

    Hello Fred,.

    Thanks for the reply.

    I appreciate your efforts to resolve the issue.

    I would suggest trying the following methods and check if it helps.

    Method 1:
    Run the hardware and devices Troubleshooter and check. Please follow these steps:

    a. press Windows + W keys, type Troubleshooting in the search box and press on Enter.
    b. click on 'show all' and then click 'hardware and devices'.
    c. click 'Next' and then follow the on-screen instructions.

    If this does not help, then use method 2.

    Method 2:
    Start your computer in safe mode and check the number.
    Refer to this article:
    Start settings for Windows (including safe mode)
    http://Windows.Microsoft.com/en-us/Windows-8/Windows-startup-settings-including-safe-mode

    I hope this information helps.

    Please let us know if you need more help.

    Thank you

  • Problem with ECS and XSD

    Hi gurus B2B.
    We are facing the problem with ECS and last 2 weeks XSD files, we followed measures

    1 created an ECS file in document editor version 11 g: 6.6.0
    2 files ECS consists only from segments ST and SE
    Ex: ST
    BCH
    HEART
    REF
    BY - Exclude
    TAX - Exclude
    ...
    .....
    ....
    ....
    IS
    3: file ECS from a file (File-> export-> Oracle B2B) XSD in document ediotr

    4. we have imported an ECS and XSD file in console B2B (documents - file ECS docdef-transaction set) and an XSD file

    5. we have tested a single file of manually, we face below error:

    B2B-51507 error code
    Error Description Machine Info: Description of the (usmtnz - dinfap19.dev.emrsn.org): payload validation error.
    ERROR_LEVEL_COLLABORATION error level
    Severity of the error
    Error text

    and a few times it shows load Guideline error or just simply

    Please help us solve this problem

    Concerning

    You can validate EDI XML with XSD is.

    1 can I use 10 g ECS file and XSD file in 11 G

    You need to upgrade using Oracle Document B2B Publisher (Migrator).

    Error, error short text: the item includes all the important data

    Make sure that the payload is encoded in UTF - 8. B2B Oracle only works with UTF-8 encoding.

    You can discuss a case with support and/or move files (b2b export and test data) to my id.

    Kind regards
    Anuj

  • Problem with IMovie and Quick time

    Hey everybody,

    I am faced with an unexpected problem with Quicktime and I Movie, and I was wondering if someone had already known that:

    I want to create a film based on shots from my personal camera. I started to work with IMovie to create a sequence of opening and added his musical band. I exported the scenes in Quick Time format without any problem. However, when I merge the exported sequence of I film with shots of my video camera, the soundtrack is completely eliminated.

    I checked on the Internet and saw that there might be a problem of "Codecs". To avoid this, I exported the sequence IMovie with Codecs of same as one of my video camera files.

    Now, if I compare the files exported from I Movie and those of my video camera, they have identical characteristics. However, the soundtrack will always disappear when I merge them.

    Could someone please help me solve this problem?

    Thank you very much in advance.

    Concerning

    Could someone please help me solve this problem?

    Not only based on what you already said.

    I want to create a film based on shots from my personal camera. I started to work with IMovie to create a sequence of opening and added his musical band. I exported the scenes in Quick Time format without any problem. However, when I merge the exported sequence of I film with shots of my video camera, the soundtrack is completely eliminated.

    How would you"merge" files? (I.e. a "QuickTime" format is any form of data compatible with the platform of supply and the specific structure of QT incorporated into real employment that is stored in a container of MOV file on any of up to 99 tracks possible). Also, what app do you use for reading the file 'merged '? (For example, some media players ignore secondary audio tracks as a result of some methods of 'fusion' of files so it is important to know how the files are "merged," whether or not the audio data are "scattered" several tracks, and/or if the Media Player supports playback of multiple, sequential audio popular.)

    I checked on the Internet and saw that there might be a problem of "Codecs". To avoid this, I exported the sequence IMovie with Codecs of same as one of my video camera files.

    The specific codecs and settings using the specific version of iMovie? (The current Mac OS X operating systems have two X QT and 'classic' Qt integrated structure so it is important to know what structure is used here and how).

    Now, if I compare the files exported from I Movie and those of my video camera, they have identical characteristics. However, the soundtrack will always disappear when I merge them.

    As a general rule, you should review the file "merged" to determine why it does not play back correctly rather than comparing the characteristics of the source being merged files. The main problem here seems to be in your project workflow. That is, you seem to be when you perform an operation in two steps rather than edit several iMove multimedia files and then export the combined results in a video the video and audio tracks have been flattened and exported in standard compression formats with unified settings, features and the.

  • problem with Safari and the opening of sites

    problem with Safari and the opening of sites

    Please describe the problem in more detail?

    Try to reset the settings of Safari:

    1. open Safari

    2. click on the Safari menu at the top (to the right of the Apple logo)

    3. Select the Preferences/Privacy tab

    4. click on remove all data from the Web site

    5. close Safari.

    Remove cache Safari files:

    1. click on finder

    2. look for the menu GO to top

    3. click on GO and hold down the option key. This will show a user library folder.

    4. click library and find the Caches folder

    5. in the folder caches com.apple.Safari Ouvrezledossier

    6. move the Cache.db file Trash.

    This should solve the problem. If it does not help, try to disable the Safari extensions

    1. open Safari

    2. click on the Safari menu at the top (to the right of the Apple logo)

    3. Select Preferences

    4. find the Extensions tab

    5 disable all extensions of

    6. relaunch Safari

  • Problem with youtube and other video sites

    I have a problem with youtube and other video sites:

    Everything is up-to-date (flash, FF, my plug ins.) but I get crashes when loading the video. I can hear the sound but I see only the first frame of the video.

    I've reinstalled flash/firefox or tried updating them again for about 4 times now and my cookies/cache has also been errased which i usually don't do. If i enter FF's safe mode it also freezes.

    I hope someone can help, I looked for answers on google before and I tried everything I saw, but it did not help.

    GRTS,
    agrash

    I had the same problem, I uninstalled the plugin Flash player (Adobe Flash Player 11.0.1 152) and the problem is solved. I installed the plug-in again and the problem came back. So right now I have no flas Player liked-in, but I don't have too much problem. I hope that I will not find another problem, but it seems that everything is OK.

Maybe you are looking for