Cisco VPN client and ACL

Oct 12th, 2006
Hello. I am trying to set up a VPN connection between a Cisco VPN client and a Cisco 3640 using EZ VPN Server. I have a simple ACL on the inbound 3640 interface that reads:


permit udp any host x.x.x.x eq isakmp

permit esp any host x.x.x.x

permit udp any host x.x.x.x eq 4500

permit tcp any host x.x.x.x eq 10000


This is the only ACL on the 3640 interface.


When I configure the client to connect using Enable Transparent Tunneling - IPSec over UDP (NAT/PAT), I can connect the tunnel. When I select Enable Transparent Tunneling - IPSec over TCP - Port 10000, I cannot connect the tunnel.


Is the problem with the ACL or something else?


Thanks.

ajagadee (Cisco Employee), Thu, 10/12/2006 - 08:50

Patrick,


The problem most likely is not your ACL. Since you mentioned 3640, my guess is you are running 12.4T code, and the feature that you are looking for wasn't introduced until 12.4(9)T.


IPSec Over TCP feature on routers was introduced in 12.4(9)T. The command that you should be looking for is "crypto ctcp port [port-number]".


Please refer to the URL below for details:


http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps1839/products_feature_guide09186a008055c37a.html#wp1305478


Let me know if it helps.


Regards,

Arul
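
An added example, not part of either post: a small Python check that the ACL quoted in the question admits the inbound flows for each client transport setting, which is consistent with the answer that the ACL is not what blocks IPSec over TCP. The address 192.0.2.1 stands in for x.x.x.x, and the per-mode flow list is an assumption (IKE on UDP 500, ESP, NAT-T on UDP 4500, and everything carried inside TCP 10000 for IPSec over TCP).

```python
import re

# Constructed sample: 192.0.2.1 stands in for the x.x.x.x address in the post.
ROUTER = "192.0.2.1"
ACL = """
permit udp any host 192.0.2.1 eq isakmp
permit esp any host 192.0.2.1
permit udp any host 192.0.2.1 eq 4500
permit tcp any host 192.0.2.1 eq 10000
"""
NAMED_PORTS = {"isakmp": 500, "non500-isakmp": 4500}

# Assumption: inbound flows each client setting needs (port None = protocol has no ports).
CLIENT_MODES = {
    "native IPsec": [("udp", 500), ("esp", None)],
    "IPSec over UDP (NAT/PAT)": [("udp", 500), ("udp", 4500)],
    "IPSec over TCP port 10000": [("tcp", 10000)],
}

def parse_acl(text):
    """Parse 'permit|deny <proto> any host <ip> [eq <port>]', the only form used in the post."""
    rules = []
    pattern = r"(permit|deny)\s+(\w+)\s+any\s+host\s+(\S+)(?:\s+eq\s+(\S+))?"
    for line in text.strip().splitlines():
        m = re.fullmatch(pattern, line.strip())
        if not m:
            raise ValueError(f"unsupported ACL entry: {line!r}")
        action, proto, dst, port = m.groups()
        if port is not None:
            port = NAMED_PORTS.get(port) or int(port)
        rules.append((action, proto, dst, port))
    return rules

def acl_permits(rules, proto, dst, dport):
    """First matching entry wins; an IOS ACL ends with an implicit deny."""
    for action, r_proto, r_dst, r_port in rules:
        if r_proto in (proto, "ip") and r_dst == dst and r_port in (None, dport):
            return action == "permit"
    return False

def modes_allowed(rules, dst=ROUTER):
    """Map each client transport setting to whether the ACL admits all of its flows."""
    return {mode: all(acl_permits(rules, p, dst, port) for p, port in flows)
            for mode, flows in CLIENT_MODES.items()}

if __name__ == "__main__":
    for mode, ok in modes_allowed(parse_acl(ACL)).items():
        print(f"{mode:28} {'permitted' if ok else 'blocked'} by ACL")
```
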


