NAT-T, IPSec over UDP 10000 & TCP 10000 - remote access VPN

From: Kim Teu ??? Teu Kim Loon <kim.teu_at_gmail.com>
Date: Thu, 21 Jan 2010 15:22:23 -0600

Hello Expert,
When NAT-T, IPSec over UDP 10000 & TCP 10000 are enabled, what's the order of
operation? Is NAT-T always the priority?

I have an ASA VPN head end with Remote Access VPN configured and NAT-T
enabled.

A PC user with the Cisco VPN client at a remote site behind an FWSM is having
a problem connecting using UDP 4500. The connection is going over IP-Proto 50.
It's only working when I enable IPSec over UDP 10000 or allow IP-Proto 50
inbound.

The client site firewall has outbound permit any any.

Any idea why?

Received on Thu Jan 21 2010 - 15:22:23 ART
