Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Terminating IPSec-over-TCP or IPSec-over-UDP on PIX

Cisco VPN Client are terminated on a PIX firewall (not concentrator)outside interface. Some users are working behind a nat/pat device. Therefore, we must provide NAT transparency via UDP or TCP. The PIX firewall must be prepared to terminate those sessions. Does anybody know how?

Thanks

Edgar

1 ACCEPTED SOLUTION

Accepted Solutions
Community Member

Re: Terminating IPSec-over-TCP or IPSec-over-UDP on PIX

hi Edgar,

Yes, the feature has been added to 6.3. We use Nat traversal for PIX (UDP 4500), version of the Cisco VPN client that supports this type of nat-t are 3.6 and later. THe following are url with info on both:

PIX

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/63rnotes/pixrn63.htm#65230

VPN client

http://www.cisco.com/univercd/cc/td/doc/product/vpn/client/3_6/365clnt.htm#1175427

Regards,

Arthur

1 REPLY
Community Member

Re: Terminating IPSec-over-TCP or IPSec-over-UDP on PIX

hi Edgar,

Yes, the feature has been added to 6.3. We use Nat traversal for PIX (UDP 4500), version of the Cisco VPN client that supports this type of nat-t are 3.6 and later. THe following are url with info on both:

PIX

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/63rnotes/pixrn63.htm#65230

VPN client

http://www.cisco.com/univercd/cc/td/doc/product/vpn/client/3_6/365clnt.htm#1175427

Regards,

Arthur

102
Views
5
Helpful
1
Replies
CreatePlease to create content