ASA VPN Commands to Remember

From time to time I’ll just post these quick little snippets of code. Honestly, this is so I have a reference for them in the future. This set comes from troubleshooting why my VPN would connect but not allow me to see the networks I had allowed in my VPN GROUP ACE.

This command allows the ASA to detect VPN clients behind NAT device’s and encapsulates the traffic into UDP on port 4500. Click on the command to see the detailed description and usage of this command.

crypto isakmp nat-traversal 20

sysopt connection permit-vpn

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.