05-29-2008 07:56 AM - edited 02-21-2020 03:44 PM
I have a 3000-series concentrator where I already have IPSEC set up on port TCP/50,000, but I wonder if this is possible on a PIX 501 running 6.3(3).
I ask, because I want to be able to VPN into my PIX from broadband connections at hotels, who might not allow ESP (IP_Prot 50, 51) for instance. If I use a TCP port for the IPSEC, I'll likely overcome that.
06-04-2008 08:57 AM
I think IPsec over TCP is supported only on the public interface of VPN Concentrators.
06-04-2008 12:09 PM
Hi
That is not possible with IOS 6.x.
IOS version 6.x does not support IPsec over TCP.
PIX 501 does not support IOS version 7.x.
visit this link.
This document describes how to configure remote access VPN sessions between a PIX Firewall and VPN Hardware Clients. This sample configuration demonstrates a configuration for IPsec over TCP on any port. This feature is introduced in PIX version 7.x.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: