IPSec RA with s/w VPN clients to ASA w/IPSec over TCP
I'm having trouble using IPSec over TCP(port 10000) with Cisco s/w clients coming to an ASA ver 7.2(2). I succeed with IPSec over UDP & I can connect ok with a telnet to port 10000. But when I use the VPN client set for IPSec over TCP, I don't get the credentials panel for submitting user and passwd. I do have the isakmp ipsec-over-tcp port 10000 statement. What am I missing?
Re: IPSec RA with s/w VPN clients to ASA w/IPSec over TCP
Thanks for your reply. If I open a command prompt window on the client and type "telnet ASA_public_address 10000" I get a connection established--this means that the ASA is "listening" on port 10000 as it should be. No port forwarding is configured. ipsec over tcp is enabled/selected on the client. When I select ipsec-over-udp, everything works. I also have the statement isakmp tcp-over-tcp port 10000.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...