Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Checkpoint VPN client behind 1800 running CBAC

Anyone got problems running R56 Securemote client behind an IOS router running CBAC firefall features?

I have a client running unreliable behind it.

2 REPLIES
New Member

Re: Checkpoint VPN client behind 1800 running CBAC

What CBAC features have you enabled on the IOS router? What kind of problems do you encounter?

New Member

Re: Checkpoint VPN client behind 1800 running CBAC

It appear the client R56 remain "up" but data stops flowing. I have CBACB on inside interface "in" with TCP, UDP, ISAKMP and most INSPECTs set.

I have found interestingly that this client uses a fixed source port and also 2746 for UDP encap and not NAT-T standard 4500 UDP.

I have run a later client R60 over a PIX and it works well.

Cisco tell me the fixed source port used to cause problems in their client and they changed it. I also wonder why Checkpoint have changed the encapsulation UDP port to 4500???

118
Views
0
Helpful
2
Replies
CreatePlease login to create content