Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
591
Views
3
Helpful
1
Replies

UDP vs. TCP

rmv72
Level 1
Level 1

‎03-17-2004 04:40 AM

i have PIX 506E

I successfuly configured for VPN access users via IPSec/UDP. And they can access to LAN. But when i choose in Cisco VPN Client v4 transport IPSec/TCP -it's failed to connect.

Here config-

..

access-list outside_cryptomap_dyn_30 permit ip any 172.20.20.0 255.255.255.252

....

global (outside) 1 interface

nat (inside) 0 access-list outside_cryptomap_dyn_30

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

....

sysopt connection permit-ipsec

crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac

crypto dynamic-map outside_dyn_map 10 set transform-set ESP-DES-MD5

crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map

crypto map outside_map client authentication LOCAL

crypto map outside_map interface outside

isakmp enable outside

isakmp identity address

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption des

isakmp policy 10 hash md5

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

vpngroup test address-pool vpn_pool

vpngroup test dns-server A.B.C.D.

vpngroup test wins-server A.B.C.D

vpngroup test idle-time 1800

vpngroup test password ****

.....

Where i'm wrong?

Labels:
0 Helpful
1 Reply 1

mostiguy
Level 6
Level 6

‎03-17-2004 06:55 AM

the pix does not support tcp encapsulation, AFAIK only the 3000 series concentrators do

Customers Also Viewed These Support Documents