
Cisco client fails to connect with 3030 using TCP/10000

per_2
Level 1

Clients are connecting fine with UDP, but when I set a client to TCP/10000, the client fails to connect.

Here are the final messages gathered from the client log:

48 17:58:15.171 07/19/08 Sev=Info/4 CM/0x6310000E

Established Phase 1 SA. 1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system

49 17:58:15.187 07/19/08 Sev=Info/5 IKE/0x6300005E

Client sending a firewall request to concentrator

50 17:58:15.187 07/19/08 Sev=Info/5 IKE/0x6300005D

Firewall Policy: Product=Cisco Systems Integrated Client Firewall, Capability= (Centralized Protection Policy).

51 17:58:15.187 07/19/08 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to a.b.c.d

52 17:58:20.218 07/19/08 Sev=Info/4 IKE/0x63000021

Retransmitting last packet!

53 17:58:20.218 07/19/08 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK TRANS *(Retransmission) to a.b.c.d

54 17:58:25.218 07/19/08 Sev=Info/4 IKE/0x63000021

Retransmitting last packet!

This looks like the client is asking for firewall settings and getting a CPP response from the 3030, but I have no idea why this would be happening - and as soon as it does, the 3030 no longer will acknowledge the traffic coming from the client.

The client does not have the CIC turned on, and the 3030 uses "Firewall Setting: NO Firewall" set on the group the client is connecting to, as well as the base group.

Any ideas or suggestions will be appreciated. Thanks in advance.

Per
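Added example, not part of the original posts: a small Python parser for the client log format shown above that reports which sent message was retransmitted without any reply being logged. The function names are hypothetical, and treating a message that starts with "RECEIVING" as a reply from the concentrator is an assumption about the client's log wording.

```python
import re

# Header of a client log entry: sequence, time, date, severity, module/code.
HEADER = re.compile(
    r"^(?P<seq>\d+)\s+(?P<time>[\d:.]+)\s+(?P<date>[\d/]+)\s+"
    r"Sev=(?P<sev>\S+)\s+(?P<module>\w+)/(?P<code>0x[0-9A-Fa-f]+)$"
)

# Log excerpt copied from the post above (peer address is masked as a.b.c.d there).
SAMPLE = """\
48 17:58:15.171 07/19/08 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system
49 17:58:15.187 07/19/08 Sev=Info/5 IKE/0x6300005E
Client sending a firewall request to concentrator
50 17:58:15.187 07/19/08 Sev=Info/5 IKE/0x6300005D
Firewall Policy: Product=Cisco Systems Integrated Client Firewall, Capability= (Centralized Protection Policy).
51 17:58:15.187 07/19/08 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to a.b.c.d
52 17:58:20.218 07/19/08 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!
53 17:58:20.218 07/19/08 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(Retransmission) to a.b.c.d
54 17:58:25.218 07/19/08 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!
"""

def parse_entries(text):
    """Pair each header line with the message line(s) that follow it."""
    entries = []
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue  # the forum paste has blank lines between log lines
        m = HEADER.match(line)
        if m:
            entries.append({**m.groupdict(), "seq": int(m["seq"]), "message": ""})
        elif entries:
            entries[-1]["message"] = (entries[-1]["message"] + " " + line).strip()
    return entries

def find_stalls(entries):
    """Return (send_entry, retry_count) for each send retried with no reply logged."""
    stalls, send, retries = [], None, 0
    # The sentinel entry flushes a stall that is still open when the log ends.
    for e in entries + [{"message": "RECEIVING (end-of-log sentinel)"}]:
        msg = e["message"]
        if msg.startswith("Retransmitting last packet"):
            retries += 1
        elif msg.startswith(("SENDING", "RECEIVING")) and "(Retransmission)" not in msg:
            if send is not None and retries:
                stalls.append((send, retries))
            send, retries = (e if msg.startswith("SENDING") else None), 0
    return stalls

if __name__ == "__main__":
    for sent, count in find_stalls(parse_entries(SAMPLE)):
        print(f"entry {sent['seq']} at {sent['time']}: {sent['message']!r} retried {count}x, no reply")
```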


JORGE RODRIGUEZ
Level 10

Per,

Do you have the 3030 configured for IPsec over TCP?

Check under Configuration|System|Tunneling Protocols|IPSec|NAT Transparency.

You should see a field to enable IPsec over TCP and specify the port.

Rgds

Jorge

Jorge Rodriguez