I have a client that has 20 people behind a firewall at their location using 1 NATted address to the Inet. They want to authenticate to their network in my Data Center, which has a PIX 515 VPN. They are using the VPN3000 Client, which defaults to UDP pt. 500. I want to know how to configure the PIX to have it do transparent tunneling over explicit ports on IOS 6.2, which means I would have to use TCP. My eyes are glazing over from reading docs after docs and still having no clue, please help.
I am not sure if I understand your question properly... Let me see if I can rephrase your question... You have some VPN clients behind some firewall which are terminating the IPSec tunnel on a PIX firewall running 6.2 code, and you are trying to do IPSec over TCP type transparent tunneling. Is that true?
If this is the case, then your PIX firewall cannot terminate IPSEC over TCP connections. The VPN 3000 & VPN 5000 concentrators have this capability.