How to switch the ASA VPN from IPSEC over UDP to TCP
I have a customer that has a remote office with 2 PCs that VPN in to their HQ location. Previously both PCs where at different locations now they are at the same location. Both PCs are able to successfully establish a VPN connection to HQ using the Cisco VPN Client Version 5.0.07.0290, but only 1 system is actually passing traffic and is able to access resources at HQ.
I asked another engineer and they said "you have to configure IPSEC over TCP or use Anyconnect to have multiple clients behind the same remote PAT'ed public ip address...". I'd like to go with the IPSEC over TCP route so I won't have to uninstall the old client and go through the process of installing the AnyConnect client. Below is the configuration of the ASA 5505 thanks in advance for any help.
CLIENTASA# sh run
ASA Version 7.2(4)
enable password 72LucMgVuxp5I3Ox encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
ip address 192.168.1.1 255.255.255.0
ip address x.x.x.x x.x.x.x
switchport access vlan 2
ftp mode passive
dns server-group DefaultDNS
access-list SPLIT-TUNNEL standard permit 192.168.1.0 255.255.255.0
access-list outside_in extended permit tcp any any eq smtp
access-list outside_in extended permit tcp any any eq www
access-list outside_in extended permit tcp any any eq https
access-list nonat extended permit ip 192.168.1.0 255.255.255.0 10.99.99.0 255.255.255.0
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...