Cisco VPN Client 3.6 to Cisco 2600 with Crypto Card

jerryb
Level 1

We are having trouble with some of our remote users connecting to a Cisco 2611, with a crypto card, using Cisco's VPN client software version 3.6. The remote users are connected to the network at the remote customer's location and utilizing their Internet connection. A PIX firewall is in use at this particular location. The remote users are unable to bring up a VPN tunnel. I was thinking that enabling transparent tunneling over TCP port 10000 would solve the problem, but I can't find any info on how to enable IPsec on the 2611 to use port 10000. I know you can on the 3000 concentrator. Does anyone know if this is possible on the Cisco 2611? Thanks in advance.

Jerry

4 Replies

awaheed
Cisco Employee

Hi Jerry,

Unfortunately, we cannot have remote clients coming in from behind PAT connect to the IOS or PIX at this time; the TCP/UDP tunneling options are only available on the CVPN3000 at this time. So in this case you will need to define static NAT translations for these clients to be able to connect to the 2611 router.

Hope this helps,

Regards,

Aamir

-=-=-

So is TCP/UDP tunneling on the IOS or PIX roadmap at this time?

Not sure if it's on the roadmap specifically. In 6.3 PIX code, due out next year, it will have support for doing PAT with one IPSec tunnel and PAT for PPTP. IOS already supports PAT for IPSec and PPTP and so you wouldn't have this problem with an IOS router.

Actually I just realised that didn't really answer your question, did it? I was referring to the fact that you wouldn't have to use UDP/TCP encapsulation if your clients were behind an IOS router, but didn't answer your question specifically.

The answer is I don't believe UDP/TCP encapsulation is on the roadmap for the PIX, although I know it has been discussed. It certainly won't be in 6.3 code, but may be in future releases.

In IOS I'm not sure, I haven't heard anything about this functionality in it though.
