We are having no problems using the following: Cisco 3620 with 12.2(5) IP only. Cisco 5000 VPN concentrator (running 6. something) Cisco VPN client 5.17
I have both static NATs and a pool enabled. Keep in mind that with NAT trans VPN stuff goes out over TCP 80 and comes back on UDP 500(OK more than just this but go with me for a minute :-). Your ACL list should be carefully checked and be sure and select the "Use NAT Transparency Mode selected on the client". What can fool ya is that when NAT Trans. is not enabled you can enter the shared secret and the RADIUS passwords but nothing comes across(data wise), even though you have "Globige". When you select NAT trans the RADIUS password will never come back if your ACL's are not setup right. Chances are that you have already been through all of this but what the heck, Good luck Rick Fulton "Patrick Ramsey" on 01/15/2002 09:06:58 AM Please respond to "Patrick Ramsey" To: [EMAIL PROTECTED] cc: (bcc: Richard Fulton/EDS/FlipChip) Subject: RE: NAT Problems with 12.2(5)? RE: Gawd I hate my [7:31913] We're on a 3660 here. >>> "R. Benjamin Kessler" 01/14/02 05:19PM >>> What platform? I was doing a bug search for 7200's and saw several NAT bugs - some of which are unresolved. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Patrick Ramsey Sent: Monday, January 14, 2002 3:24 PM To: [EMAIL PROTECTED] Subject: NAT Problems with 12.2(5)? RE: Gawd I hate my life [7:31883] Does this have anythign to do with the wrong nat pool being used for a given interface? Or the use of only one nat pool regardless fo interface? -Patrick >>> "Kaminski, Shawn G" 01/14/02 03:32PM >>> Regarding IOS's, has anyone had any problems with NAT when using 12.2(5)? Without going into details, we're having some NAT issues and it seems to have started after upgrading our routers to 12.2(5). CCO doesn't currently show any NAT problems or bugs with this version. Shawn K. -----Original Message----- From: Brad Ellis [mailto:[EMAIL PROTECTED]] Sent: Monday, January 14, 2002 11:29 AM To: [EMAIL PROTECTED] Subject: Re: Gawd I hate my life ;-> [7:31817] snip > Cisco Internetwork Operating System Software > IOS (tm) 3600 Software (C3620-JS56I-M), Version 12.1(5)T10, RELEASE > SOFTWARE (f snip dont use IOS 12.(5)T10. you folks you should be using 12.(5)T9, it has less bugs in it. thanks, -Brad Ellis CCIE#5796 (R&S / Security) Network Learning Inc [EMAIL PROTECTED] used Cisco gear: www.optsys.net CCIE Labs, racks, and classes: http://www.ccbootcamp.com/quicklinks.html ""Chuck Larrieu"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > OK, so I've been doing rack testing for some people who are going to > be going public Real Soon Now. > > Got some things mocked up. Some of which relate to topics discussed on this > forum yesterday and today. I need to check something and issue the > command "show ip prot" enter. > > r2#sh ip prot > % Ambiguous command: "sh ip prot" > r2# > > well, now... > > r2#show ip prot? > protocol-discovery protocols > > r2#show ip prot > > so what is "show ip protocol-discovery? > > r2#sh ip protocol-discovery ? > interface Show for a specific interface > protocol Show stats about a pariticula protocol > stats Show Stats > top-n Show Top-N protocols by bytes > | Output modifiers > > > OK. so a command I've been using since 11.2 is no longer valid. except that > it is on other routers. > > but look - still good on other routers: > > r3#sh ip prot? > protocols > > r3#sh ip prot > > > OK, check CCO, no record of any such command as show ip > protocol-discovery in any command reference I check. A search of CCO > for the phrase reveals nothing. > > now what? > > the IOS version in question is: > > r2#sh ver > Cisco Internetwork Operating System Software > IOS (tm) 3600 Software (C3620-JS56I-M), Version 12.1(5)T10, RELEASE > SOFTWARE (f > c2) > > sigh. have not run into this before, not in two trips through the lab, > not on any number of routers and IOS versions, both at home and in > customer installations. > > Anyone got any clue what show IP protocol-discovery does? > > sheesh.. another good shortcut down the tubes. > > Chuck Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=32018&t=31913 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]