Did you enable the "IPSEC over UDP"/NAT-T option on the VPN client? Just
have to check an option in the VPN client properties.
On Fri, Jan 22, 2010 at 12:22 AM, Kim Teu ??? Teu Kim Loon <
kim.teu_at_gmail.com> wrote:
> Hello Expert,
> When NAT-T, IPSec over UDP 10000 & TCP 10000 is enabled, what's the order
> of
> operation? Is NAT-T always the priority?
>
> I have a ASA VPN head end with Remote Access VPN configured and NAT-T
> enabled.
>
> PC User with Cisco VPN client at a remote site behind FWSM is having
> problem
> connecting using UDP 4500. The connection is going over IP-Proto 50. It's
> only working when I enabled IPSec over UDP 10000 or allow IP-Proto 50
> inbound.
>
> The client site firewall has outbound permit any any.
>
> Any idea why?
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Fri Jan 22 2010 - 13:54:57 ART
This archive was generated by hypermail 2.2.0 : Thu Feb 04 2010 - 20:28:41 ART