From: Sam Munzani (sam@munzani.com)
Date: Thu May 15 2003 - 11:24:07 GMT-3
Eric,
It's UDP/4000 not 45000. UDP/45000 is used by Net Ranger post office
protocol.
Sam Munzani
> isakmp nat-traversal [<natkeepalive>] will get your UDP working. Just as a
> side-note, the older clients that support UDP but do not let you choose to
> use it or not will automatically use UDP if the PIX is set for it. That
> means if you have not allowed UDP 45000 to you PIX, and you enable
> nat-traversal, you will break some users until you allow UDP 45000 or
until
> you upgrade them to a 4.x client and force non-udp.
>
> I've been using 4.x VPN client for several weeks now, and the best thing
for
> me is that it no longer removes or conflicts with other VPN clients. Older
> versions could not co-exist with Check Point or Windows VPN software, but
> 4.x does so just fine.
>
> -Eric
>
>
> -----Original Message-----
> From: Chris Johnston [mailto:chris@routerguy.com]
> Sent: Wednesday, May 14, 2003 5:49 PM
> To: ccielab@groupstudy.com
>
> Hello everyone;
>
> Has anyone tinkered with the NAT Transversal VPN on the new PIX 6.3.1
> release? It's supposed to be in there (somewhere) but I'll be danged if I
> can find explicit documentation on how to enable it.
>
> Have you also noticed that the new VPN client 4.01 is out? It actually
> works with the WinXP easy login since it installs a driver vs. a shim into
> the OS.
>
> Chris Johnston
> 714-306-5746
> 949-653-8819 (fax)
>
> Cannot find REALITY.SYS. Universe halted.
> -------------------------------------------------------------------
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:43 GMT-3