Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Strange error can authenicate but no data is being tx? need help

Ok I am at the sans conference here in San Diego. I am on a nated network and behind their firewall. i have a cisco 3015 back at the office. i can authenicate to it but i cannot transfer data back and forth. at home, i nat and can connect with no problem. i asked if they had port esp open and they said yes all necessary ports are open. am i doing something wrong? i am at a lose here because i cannot figure out what could be the problem. logs look normal except rx/tx are 0.

thanks for any input!

Jenn

3 REPLIES
mli
New Member

Re: Strange error can authenicate but no data is being tx? need

Do you know if you are really doing NAT or if the maybe are doing PAT (i.e many inside hosts share one external host)? If they are doing PAT I think the only way to get connected to the VPN 3000 box are to use TCP encapulation.

New Member

Re: Strange error can authenicate but no data is being tx? need

I will have to check on that but i am using ipsec over udp (as well as, not) that should resolve the "pat" issue - correct?

Cisco Employee

Re: Strange error can authenicate but no data is being tx? need

Hi Jenn,

You are right, IPSec over UDP should resolve the PAT issue. You need to make sure that the firewall at the client end does not block the udp port which you using for encapsulating the ESP packet ( default being udp 10000 and is configured at the group level on the concentrator)

Regards

Ranjana

83
Views
0
Helpful
3
Replies