01-04-2019 09:21 PM - edited 03-12-2019 04:18 AM
Hey Guys;
Hopefully I can get some help here with this issue, as my head is spinning around in circles trying to figure this out. Long story short: my friend and I are doing a site-to-site VPN using a 1900 Cisco router >>> Cisco FW >>>> VPN Net. I believe I have the correct routes on my router and FW, but whenever my friend tests the VPN I keep getting "Deny inbound UDP from ISP/500 to FriendsWan/60710 on interface OUT". I have allowed all ports on all interfaces to test routes, but I keep getting the same message, as my friend can't VPN connect. Please can someone look over my setup and see where I'm going wrong or what I can do to fix this; my only project left is the VPN setup and this is killing me (lol)...
Please see attachment for Fw and Router
Thanks
01-04-2019 10:07 PM
Looks like one of the devices is behind NAT. Look at this URL and make changes accordingly.
https://packetpushers.net/site-site-ipsec-vpn-nat/
01-05-2019 01:03 AM
01-05-2019 02:18 PM - edited 01-05-2019 03:24 PM
Hello;
Could it be possible that my NAT is a problem on my firewall? I tried exempting it and it didn't work; I tried enabling IP, UDP, TCP on all interfaces and it still doesn't work; but I can always see the traffic when my friend tries a VPN connection to me.
Thanks
01-05-2019 02:18 PM - edited 01-05-2019 03:22 PM
Hello;
It seems like when my friend starts the VPN connection it dies and ends once it hits my firewall, and the only maps I have are on my router to start the initiated VPN.
Thanks