Hello. I am trying to set up a VPN connection between a Cisco VPN client and a Cisco 3640 using EZ VPN Server. I have a simple ACL on the inbound 3640 interface that reads:
permit udp any host x.x.x.x eq isakmp
permit esp any host x.x.x.x
permit udp any host x.x.x.x eq 4500
permit tcp any host x.x.x.x eq 10000
This is the only ACL on the 3640 interface.
When I configure the client to connect using Enable Transparent Tunneling -IPSec over UDP (NAT/PAT), I can connect the tunnel. When I select Enable Transparent Tunneling -IPSec over TCP - Port 10000, I cannot connect the tunnel.
I think you wanted to type 12.4(10)instead of 14.4(10).
12.4(9)T is part of 12.4T Train code. What you are running currently on the router is a Mainline Code. If you notice, there is no "T" in the version of code that you are running. You may have to upgrade the chassis to 12.4(9)T.
But unfortunately, there is no support of 12.4T Train code on the 3640 and you cannot upgrade the code.
Please refer the below EoS URL that discusses the End Of Software Maintenance Releases for the 3640.
So, in your case.. you need to terminate the VPN Client on a different chassis that supports the IPSEC Over TCP feature. For example: VPN3000, Pix 7.0, ASA 7.0 or Router Platform that supports 12.4(9)T Code.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :