Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Change VPN Client to "over TCP"

I have a 2900 ISR that my VPN clients connect to using IPSEC over UDP.  I am having periodic problems, especially with clients connecting through DSL, where they connect and immediately drop.  Sometimes this is resolved by users updating their home router firmware.  I'd like to issue a new client PCF file using IPSEC over TCP to see if that resolves the problems.

Can I have both running at once, and what do I need to add to the 2900 to enable this connectivty without breaking the existing clients?  If the test is successful, I will migrate all users to the new configuration.  This ISR is also used to support L2L connectivity for a handful of sites.

1 REPLY

Change VPN Client to "over TCP"

conf t

crypto ctcp port 10000

Yes both the profiles UDP/TCP will work after enabling this but will have to change the setting for client vpn software to use TCP port also allow this port on outside ACL.

Thanks

Ajay

460
Views
0
Helpful
1
Replies
CreatePlease to create content