My vpn tunnel is not working when i put ports with host in the access list any idea to resolve this ?
Helo Elias
When configuring a VPN, you use access lists to match and identify interesting traffic to be tunneled. You can specify source and destination IP addresses as well as source and destination TCP/UDP ports. However, you must double-check your ACL configuration and make sure that the ACLs on both ends of the tunnel mirror each other, meaning that if one end is configured to encrypt traffic from A to B, the other end should be configured to encrypt traffic from B to A.
Now in the title of your thread, you mention that there is a NAT issue. If you are also using NAT, you must make sure that the traffic intended for the VPN is not being translated. You can do this by creating a NAT exemption for the VPN traffic as shown in the following lesson:
Let us know how you get along, and if you still have problems, give us some more information about your setup so we can help further.
I hope this has been helpful!
Laz