Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ipsec over tcp and vpn load sharing on asa?

Hi,

I've installed a VPN cluster (2xASA5550).

Some of the VPN-Clients are using IPsec over TCP to connect. If the vpnclient configures the real ip address of asa everything works fine. If the vpnclient configures the cluster ip address no connection could established.

BTW load sharing with ipsec over udp is working without problems.

Doesn't vpn load sharing work with ipsec over tcp ?

Any experience ?

regards

Thomas

1 REPLY
Silver

Re: ipsec over tcp and vpn load sharing on asa?

Make sure that IPSec over TCP does not work with proxy-based firewalls. IPSec over TCP works with both the VPN Software Client and the VPN 3002 Hardware Client. It is a client to concentrator feature only. It does not work for LAN-to-LAN connections. The VPN 3000 Concentrator can simultaneously support standard IPSec, IPSec over TCP, and IPSec over UDP, based on the client with which it exchanges data. The VPN 3002 Hardware Client, which supports one tunnel at a time, can connect using standard IPSec, IPSec over TCP, or IPSec over UDP.

117
Views
0
Helpful
1
Replies
CreatePlease to create content