Cisco PIX 501 - VPNC connections blocked from internal lan to external end-point [SOLVED]

Prev: Cisco PIX 501 - VPNC connections blocked from internal lan to external end-point
Next: FCIP issues with SAN replication

From: ziikell101 on 27 Jun 2010 05:58

---

On 06/27/2010 07:15 AM, Scott Lowe wrote:
> On 2010-06-26 06:44:58 -0400, ziikell101 said:
>
>
>
> It looks like the PIX is blocking ESP (IP protocol 50), which is
> generally required in order for IPSec to work properly. You probably
> need to enable NAT traversal on your IPSec client so that it can
> encapsulate the traffic in TCP or UDP and help it work correctly with NAT.
>

Thank-you very much - The problem solved.

Added *fixup protocol esp-ike* to the config,

Added *NAT Traversal Mode cisco-udp* to the VPNC config file.

All is well.

From: ziikell101 on 27 Jun 2010 05:59

---

On 06/27/2010 07:15 AM, Scott Lowe wrote:
> On 2010-06-26 06:44:58 -0400, ziikell101 said:
>
>
>
> It looks like the PIX is blocking ESP (IP protocol 50), which is
> generally required in order for IPSec to work properly. You probably
> need to enable NAT traversal on your IPSec client so that it can
> encapsulate the traffic in TCP or UDP and help it work correctly with NAT.
>

Thank-you very much - The problem solved.

Added *fixup protocol esp-ike* to the config,

Added *NAT Traversal Mode cisco-udp* to the VPNC config file.

All is well.

 | 
Pages: 1
Prev: Cisco PIX 501 - VPNC connections blocked from internal lan to external end-point
Next: FCIP issues with SAN replication