04-06-2004 12:04 PM - edited 03-09-2019 06:59 AM
Using 3.6.3 VPN Client to talk to 3060 Concentrator
Under Options for session...
Enable Transparent Tunnelling is Checked
Allow Local LAN access is checked
However, when the session is established and the client status screens are brought up Transparent Tunneling says Inactive and Local LAN access is disabled???
Do have split tunnelling enabled in the group on the concentrator.
Any ideas what is causing this??
04-06-2004 03:09 PM
if you are not using nat, it will not be negotiated. it only will be when needed
04-08-2004 05:50 AM
We aren't doing NAT so that may be it. Thanks.
I do see the counts go up for packets not selected for encyrption
Anyone from Cisco have an explanation for why this works this way?
04-08-2004 07:10 AM
i would tend to guess that since you are encapsulating a esp packet within a udp one when NAT/PATing, and that your MTU for the link cannot increase, that would mean the effective data portion of the packet is reduced because of the ESP+UDP overhead. so, you probably get a slightly higher data portion when you avoid the udp encapsulation.
this is pure conjecture, as i have not broken out ethereal or some such to see what actually goes on
04-07-2004 11:48 PM
Had the same problem on a 3015. Turns out that the Mode Configuration parameter, under the IPSEC tab on a defined Group, must be selected.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: