Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1252
Views
3
Helpful
2
Replies

Can AS400 traffic pass through IPSec VPN tunnel?

paulnigel
Level 1
Level 1

‎07-12-2006 04:50 PM - edited ‎02-21-2020 02:31 PM

hi,

I have ASA to ASA vpn tunnel setup. Can I pass AS400 traffic through the tunnel?

Thanks and Best regards,

Paul

Labels:
0 Helpful
2 Replies 2

hemendoz
Cisco Employee
Cisco Employee

‎07-12-2006 05:09 PM

Hello Paul,

I have worked with clients who have AS400 traffic that passes through a ASA VPN tunnel. The only issue we had is that sometimes connections could go idle for long periods of time, and if the ASA connection timeout is set too low, this traffic would not pass after the idle time-out period. We'd have to physically reset the AS400 interfaces for traffic to flow again. You can set infinite idle time-out periods based on specific hosts now on 7.x (Modular Policy) vs. configuring a global value.

Here is a link that details this

PIX/ASA 7.x: Set a Connection Timeout Based on an Access-List Configuration Example

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080624e19.shtml

Any specific traffic you are concerned about?

Hope this helps! If so, please rate.

Thanks

paulnigel
Level 1
Level 1
In response to hemendoz

‎07-12-2006 07:43 PM

Hi hemendoz,

Appreciate much for your help.

correct me if i am wrong, when my AS400 communicate with Rumba(emulation software), they use Telnet, 1789 and ack traffic is like using tcp high ports, 8192.

does it mean that i have to set ACL for infinite idle time-out for all the ports that the clients used? or do you have a better solution?

Thanks and Best wishes,

Paul

0 Helpful
Customers Also Viewed These Support Documents