Using ipsec over tcp/udp isnt a feature of the pix or routers as of this date. You can only connect to a 3000 concentrator with ipsec over tcp/udp. By checking the box for this option on the client does nothing, as its the remote device that has to agree on it. If you are connecting to a concentrator and dont have that option checked on the concentrator but you have it configured on the client, it still dont work. It has to be configured on both the client and concentrator. If you are going to connect to a router or pix, you will have to have a static nat translation or public(routable for the end device) ip. In 12.2.5T there is a feature for esp translation on the routers. Where if the client is behind a router doing port address translation, you can map one single ip address to the protocol esp allowing one vpn connection. Im not even gonna guess why you can't connect, no configs or debugs, because to many variables. Usually you can connect behind a PAT device to the router or pix, but just can't pass traffic. So it could be something like your configuration on the pix, router or client.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :