Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
248
Views
0
Helpful
3
Replies

Strange error can authenicate but no data is being tx? need help

rbinc
Level 1
Level 1

‎03-08-2003 04:49 PM - edited ‎03-09-2019 02:25 AM

Ok I am at the sans conference here in San Diego. I am on a nated network and behind their firewall. i have a cisco 3015 back at the office. i can authenicate to it but i cannot transfer data back and forth. at home, i nat and can connect with no problem. i asked if they had port esp open and they said yes all necessary ports are open. am i doing something wrong? i am at a lose here because i cannot figure out what could be the problem. logs look normal except rx/tx are 0.

thanks for any input!

Jenn

Labels:
0 Helpful
3 Replies 3

mli
Level 1
Level 1

‎03-09-2003 12:21 PM

Do you know if you are really doing NAT or if the maybe are doing PAT (i.e many inside hosts share one external host)? If they are doing PAT I think the only way to get connected to the VPN 3000 box are to use TCP encapulation.

0 Helpful

rbinc
Level 1
Level 1
In response to mli

‎03-09-2003 01:42 PM

I will have to check on that but i am using ipsec over udp (as well as, not) that should resolve the "pat" issue - correct?

0 Helpful

rjwalani
Cisco Employee
Cisco Employee
In response to rbinc

‎03-09-2003 03:56 PM

Hi Jenn,

You are right, IPSec over UDP should resolve the PAT issue. You need to make sure that the firewall at the client end does not block the udp port which you using for encapsulating the ESP packet ( default being udp 10000 and is configured at the group level on the concentrator)

Regards

Ranjana

0 Helpful
Customers Also Viewed These Support Documents