Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

TCP Not Working over LAN 2 LAN Tunnel

I have a L2L tunnel established between a pix and 3020. Everything is working but TCP. I did a lot of tinkering on the 3000 running 4.7 and could have inadvertently caused this, perhaps? The ACLS and debugs on the pix/router side are showing TCP is passing on that end.

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: TCP Not Working over LAN 2 LAN Tunnel

Hello 9s.pappas,

Can you post your acl? If I recall, there is no concept of protocol on the VPN3K. That is, when you define your "crypto acl" you use only network lists. I would change the acl on the pix to reference ip.

Also, any chance you could run a sniffer on a host on the VPN3K side, and send TCP traffic from the router side to see if you see a SYN packet on the remote host? That may yield more clues.

Hope this helps! If so, please rate.

Thanks

3 REPLIES
Cisco Employee

Re: TCP Not Working over LAN 2 LAN Tunnel

Hello 9s.pappas,

Can you post your acl? If I recall, there is no concept of protocol on the VPN3K. That is, when you define your "crypto acl" you use only network lists. I would change the acl on the pix to reference ip.

Also, any chance you could run a sniffer on a host on the VPN3K side, and send TCP traffic from the router side to see if you see a SYN packet on the remote host? That may yield more clues.

Hope this helps! If so, please rate.

Thanks

New Member

Re: TCP Not Working over LAN 2 LAN Tunnel

I'll check this out with my partner on the other end and see what he says about his acl. I think this confirms for me that the VPN3K really only forwards packets and doesn't do much in the way filtering at the protocol level. I'm pretty sure once we get the acls on his pix and router staightened out, we'll be working. I'll followup once I know. I appreciate your response.

New Member

Re: TCP Not Working over LAN 2 LAN Tunnel

It ended up being a checkpoint problem on my end. Clear it up and things are working when I pushed a new rule. Thanks for the confirmation that the VPN3K doesn't do protocol filtering, it helped me elimiate the VPN3K.

140
Views
0
Helpful
3
Replies
CreatePlease to create content