11-10-2011 12:44 AM
11-16-2011 02:55 AM
on IOS:
crypto ctcp port 443
on ASA 8.3 and earlier:
crypto isakmp ipsec-over-tcp port 443
on ASA 8.4 and later:
crypto ikev1 ipsec-over-tcp port 443
hth
Herbert
11-16-2011 04:36 AM
Hi,
I tied the command
crypto ctcp port 443
It dows not worked. I use IOS version c1841-advsecurityk9-mz.124-25b.bin. It seems that I need newer version.
11-16-2011 04:42 AM
Hi Peter,
yes that is correct, you need 12.4(9)T or later.
hth
Herbert
11-16-2011 05:23 AM
Is it true that if I configure ctcp to listen on port 443 all communication traffic will be on this port?
11-16-2011 05:28 AM
Correct, there will be no UDP500, no UDP4500, no ESP, only TCP443.
Of course, you need to configure the client to use this port, it does not "auto-discover" the port.
11-16-2011 05:33 AM
The problem is that one of the clients is behind firewall which filters most of the ports. I will try with more recent version of IOS. I hope that this will solve the problem.
If this don't work is there othere solution? Maybe SSL VPN?
Thank you!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: