10-18-2007 04:16 AM
Not able to establish the IPSec remote access VPN from the inside zone of the firewall.
Connectivity:
Inside network is connected to the inside interface of the firewall.
Firewall outside interface is connected to the CSS
CSS is connected to ISP-1 and ISP-2
Please suggest, how to enable the NAT transparency is CSS to work the IPSec RA VPN ?
Is it possible?
Thanks
10-18-2007 04:48 AM
the CSS does not support IPSEC or GRE and can't even route this traffic.
Gilles.
08-29-2008 06:18 AM
Gilles,
To confirm your statement. Are you saying that an IPsec tunnel cannot be routed through the CSS even when it is only being routed and not part of any content rule / group / flow?
While I'm asking, is this true of the ACE products as well?
Thanks,
Rob
09-01-2008 11:45 PM
Rob,
that's correct. The CSS will reject protocol type that are not icmp,tcp or udp.
Even if not loadbalanced.
ACE does not have this limitation.
Gilles.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide