IPSEC over TCP/50,000 on PIX 5xx...

Unanswered Question
May 29th, 2008

I have a 3000-series concentrator where I already have IPSEC set up on port TCP/50,000, but I wonder if this is possible on a PIX 501 running 6.3(3).

I ask, because I want to be able to VPN into my PIX from broadband connections at hotels, who might not allow ESP (IP_Prot 50, 51) for instance. If I use a TCP port for the IPSEC, I'll likely overcome that.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
aghaznavi Wed, 06/04/2008 - 08:57

I think IPsec over TCP is supported only on the public interface of VPN Concentrators.

arbensy Wed, 06/04/2008 - 12:09


That is not possible with IOS 6.x.

IOS version 6.x does not support IPsec over TCP.

PIX 501 does not support IOS version 7.x.


visit this link.

This document describes how to configure remote access VPN sessions between a PIX Firewall and VPN Hardware Clients. This sample configuration demonstrates a configuration for IPsec over TCP on any port. This feature is introduced in PIX version 7.x.


This Discussion