Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Transparent Tunneling set to on in Client but inactive

Using 3.6.3 VPN Client to talk to 3060 Concentrator

Under Options for session...

Enable Transparent Tunnelling is Checked

Allow Local LAN access is checked

However, when the session is established and the client status screens are brought up Transparent Tunneling says Inactive and Local LAN access is disabled???

Do have split tunnelling enabled in the group on the concentrator.

Any ideas what is causing this??

4 REPLIES
Silver

Re: Transparent Tunneling set to on in Client but inactive

if you are not using nat, it will not be negotiated. it only will be when needed

New Member

Re: Transparent Tunneling set to on in Client but inactive

We aren't doing NAT so that may be it. Thanks.

I do see the counts go up for packets not selected for encyrption

Anyone from Cisco have an explanation for why this works this way?

Silver

Re: Transparent Tunneling set to on in Client but inactive

i would tend to guess that since you are encapsulating a esp packet within a udp one when NAT/PATing, and that your MTU for the link cannot increase, that would mean the effective data portion of the packet is reduced because of the ESP+UDP overhead. so, you probably get a slightly higher data portion when you avoid the udp encapsulation.

this is pure conjecture, as i have not broken out ethereal or some such to see what actually goes on

New Member

Re: Transparent Tunneling set to on in Client but inactive

Had the same problem on a 3015. Turns out that the Mode Configuration parameter, under the IPSEC tab on a defined Group, must be selected.

365
Views
0
Helpful
4
Replies
CreatePlease login to create content