I've got a complex network that I'm trying to VPN from within to an external network at a remote site that is directly on the internet.
I was able to get the setup to work properly in a test environment, but it won't work from the Internet or from my internal network. I suspect there's a firewall on my ISP's network that is getting in the way, though I want to ensure I've covered all the bases on my end.
To clarify in more detail, I've actually set up two different VPNs. The PPTP version works from the internet, but not the internal network because GRE is blocked from my ISP's FW (I've confirmed that with them and they are unwilling to change). The L2TP/IPSEC VPN works in my test lab, but not on the Internet or from my Internal Network.
The client is a WinXP VPN client. The VPN server is the PIX 501 at the remote site hung on an IDSL router.
My guess is the IDSL router may not support IPSEC or my ISP's FWs may be blocking the traffic, just like with PPTP.
I'd like to confirm my config, to ensure I'm not missing anything and potentially get ideas that could help me bypass the FWs. The ISP told me that it ought to work using UDP Port 10000 for the IPSEC or IKE, but I don't know if that can be configured in a 501.
I appreciate anyone's help and advice.
Let me know if you need more information on my network.