Right,
I have a suspicion that the VPN traffic type my customer has in question is PPTP. Haven't got to site yet due to transport disruption!
My understanding is that throughout the AOS lifecycle, support for PPTP over NAT was been added and removed at various stages.
The customer is currently on 6.2.1.2.
So, I guess I have 3 questions.
1. Is PPTP supported in this version? If not, does anybody have an authoritative view of what versions do support it?
2. Does anybody know if you can do the equivalent of a static PAT (like you could on a Cisco ASA) within any NAT configuration context or role rule/policy? I.e. don't translate the source port? I've looked and can't see an obvious way?
3. My understanding (which might be wrong), is that half the problem with PPTP, is that it doesn't like source ports being changed. Am I wrong? If this is the case, I can't see that it's worth me looking at implementing an external NAT pool, to increase translation potential over multiple source IPs?