Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
398
Views
0
Helpful
1
Replies

VPN Client 3.x thru 2600 NAT to 3000 concentrator

tirwin
Level 1
Level 1

‎06-23-2002 08:41 PM - edited ‎02-21-2020 11:49 AM

Scenario: Using VPN Client 3.5.1 (B) behind a 2600 router doing NAT and IOS ver 12.2.(8)T4. Destination is a VPN 3000 concentrator. Client can authenticate and connect, but can't reach anything. Tried both no tunneling and udp tunneling... tcp tunneling isn't enabled on the 3000.

Any ideas why this won't work? Debugs reveal some packets from 3000 are being dropped, but not enough info to determine why...

Labels:
0 Helpful
1 Reply 1

cjacinto
Cisco Employee
Cisco Employee

‎06-24-2002 09:21 PM

Enabling IPSec thru udp (per group settings) and IPSec thru tcp (global settings), requires the settings to be turned on the concentrator. For udp

it has to be on the group, as part of mode config (make sure you tick mode config), for tcp it is a global config. Then you select the approriate encap on the client, see:

http://www.cisco.com/warp/customer/471/nat_trans.html

http://www.cisco.com/warp/customer/471/vpn3k_ipsec_tcp.html

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents