10-18-2007 04:16 AM
Not able to establish the IPSec remote access VPN from the inside zone of the firewall.
Connectivity:
Inside network is connected to the inside interface of the firewall.
Firewall outside interface is connected to the CSS
CSS is connected to ISP-1 and ISP-2
Please suggest, how to enable the NAT transparency is CSS to work the IPSec RA VPN ?
Is it possible?
Thanks
10-18-2007 04:48 AM
the CSS does not support IPSEC or GRE and can't even route this traffic.
Gilles.
08-29-2008 06:18 AM
Gilles,
To confirm your statement. Are you saying that an IPsec tunnel cannot be routed through the CSS even when it is only being routed and not part of any content rule / group / flow?
While I'm asking, is this true of the ACE products as well?
Thanks,
Rob
09-01-2008 11:45 PM
Rob,
that's correct. The CSS will reject protocol type that are not icmp,tcp or udp.
Even if not loadbalanced.
ACE does not have this limitation.
Gilles.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: