[VPN] Cisco IPSec VPN client through NAT/PAT IOS 12.2(17)

[Asterix Asterix]

Hi,

I am trying to set up an IPSec tunnel between a Laptop running soniwall VPN Client 8.0 which support NAT-T on Windows 2000 and a Cisco router 4700 running IOS 12.2(17)but I haven't succeeded so far.
I have it up and operational using the soniwall vpn client using public ip (client ip) to Cisco 4700 router(public ip).
When the soniwall VPN client is coming from behind a NAT/PAT source, I can connect to the cisco 4700 (still public ip), but no traffic ever makes it back to me.  I have determined this via the stats in the VPN client.
The point is that all the configuration examples supporting NAT-T from the gateway side I have found so far (mainly on cisco.com) use Cisco IOS v12.2(8)T.
The issue here is that my cisco 4700 router doesn't support 12.2.(8)T, the lastest verison supported by cisco is 12.2(17) and it doesn't have the feature of NAT-T.

The question is there any other configuration possibility (manually). I don't know using NAT inside and outside plus ACLs to configure the router to encapsulate the ESP on UDP packets to the VPN soniwall client behind the PAT/NAPT?

I'm tried some configuration by myself but it didn't work.
Any idea?

Thank you!
Gaston.

-- 
_______________________________________________
Get your free email from http://www.graffiti.net

Powered by Outblaze