Cisco VPN Client (4.0.5) blocks inbound UDP traffic (and some TCP as well)

sara.janos
Level 1

Hi,

I'm not much into networking so it may sound like a newbie question:

I use some file-sharing software which uses UDP communication.

When my Cisco VPN Client is connected (to the company I work for) lines like this can be found in its logfile:

7455 20:42:45.203 01/16/06 Sev=Info/4 FIREWALL/0x63A00003

BLOCK: UDP 220.245.108.70:6881 to 80.99.93.100:52345

80.99.93.100 is me.

No kind of firewall was on during this log.

I have no router whatsoever at home.

This test: https://www.grc.com/x/portprobe=52345 cannot reach my 52345 port when VPN is connected, it can when it's not connected.

Stateful firewall is off.

In connection properties 'Enable transparent tunneling' is checked with the 'IPSec over UDP (NAT/PAT)' chosen.

Any idea to let this inbound UDP traffic through?

And much to my surprise there are some lines like this in the log, blocking some inbound TCP:

7374 20:42:34.375 01/16/06 Sev=Info/4 FIREWALL/0x63A00003

BLOCK: TCP 193.225.232.137:2793 to 80.99.93.100:52345

Can anyone tell me why is that?

Thanks a lot in advance

Janos
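The two-line FIREWALL records quoted above (a header line followed by a BLOCK: line) are easy to miss when skimming a long client log. The following added example, not part of the original thread, parses log text in that format and counts which inbound flows to a given local address the client firewall dropped, per protocol and port; the sample log is constructed from the lines quoted in the post plus one made-up entry.

```python
import re
from collections import Counter
from typing import NamedTuple

# Constructed sample excerpt in the layout the Cisco VPN Client 4.x log uses:
# an event header line followed by the BLOCK: line it belongs to.
SAMPLE_LOG = """\
7374 20:42:34.375 01/16/06 Sev=Info/4 FIREWALL/0x63A00003
BLOCK: TCP 193.225.232.137:2793 to 80.99.93.100:52345
7455 20:42:45.203 01/16/06 Sev=Info/4 FIREWALL/0x63A00003
BLOCK: UDP 220.245.108.70:6881 to 80.99.93.100:52345
7460 20:42:46.001 01/16/06 Sev=Info/4 FIREWALL/0x63A00003
BLOCK: UDP 10.1.2.3:6881 to 80.99.93.100:52345
"""

# seq, time, date, severity name/level, module/event id
HEADER_RE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s+Sev=(\w+)/(\d+)\s+(\S+)$")
BLOCK_RE = re.compile(r"^BLOCK:\s+(TCP|UDP)\s+([\d.]+):(\d+)\s+to\s+([\d.]+):(\d+)$")


class BlockEvent(NamedTuple):
    seq: int
    time: str
    date: str
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


def parse_block_events(text):
    """Pair each FIREWALL header line with the BLOCK: line that follows it."""
    events, header = [], None
    for line in (l.strip() for l in text.splitlines() if l.strip()):
        m = HEADER_RE.match(line)
        if m:
            header = m          # remember the header until its detail line arrives
            continue
        b = BLOCK_RE.match(line)
        if b and header is not None and header.group(6).startswith("FIREWALL"):
            events.append(BlockEvent(int(header.group(1)), header.group(2),
                                     header.group(3), b.group(1), b.group(2),
                                     int(b.group(3)), b.group(4), int(b.group(5))))
            header = None
    return events


def summarize_inbound(events, local_ip):
    """Count blocked flows aimed at local_ip, keyed by (protocol, local port)."""
    return dict(Counter((e.proto, e.dst_port) for e in events if e.dst_ip == local_ip))
```

Running `summarize_inbound(parse_block_events(SAMPLE_LOG), "80.99.93.100")` on the sample above shows that both the UDP and the TCP drops land on the same local port, which is the pattern that points at an enforced client-firewall policy rather than at the file-sharing application itself.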

5 Replies

vkapoor5
Level 5

What is the VPN Gateway at your company end? Some VPN gateways (for example, Cisco VPN Concentrators) can be configured to push firewall functions to the VPN client at the time of tunnel negotiation. See the following link for more information:

http://www.cisco.com/univercd/cc/td/doc/product/vpn/client/4_6/ugwin/vc5.htm#wp1010052

Thanks for help.

It seems that's actually the reason why UDP-in gets blocked, see my other post.

rene.schmid
Level 1

Hi,

I'm sure that your company encrypts all traffic via the VPN tunnel. You can check this by connecting to your VPN gateway, then right-clicking on the VPN client icon -> choose Statistics and take a look at the route details. If there is the net 0.0.0.0 0.0.0.0 on the secured routes side, then your company routes all traffic via the VPN tunnel.

Hope that helps..

rene

Hi Rene,

Thanks for your reply.

In my case, at the place you mentioned all subnet masks start with 255.

Another thing is that I didn't really get your point about why whether VPN tunnel traffic is encrypted or not would affect incoming UDP packets from the rest of the internet. Maybe it's just my limited networking knowledge.

Anyway, in the meantime I found the answer to my own question, see my other post.

sara.janos
Level 1

I found the answer in the meantime, and what 'vkapoor5' posted completes the picture:

My Cisco VPN Client has a built-in ZoneAlarm firewall which blocks all incoming UDP according to the settings that are enforced by the gateway I'm connected to, which has a Cisco VPN Concentrator.

If I disable that with some dll+registry hacking (http://www.outpostfirewall.com/forum/showthread.php?t=9917), I cannot connect to my gateway because it complains about mismatching firewall settings.

ZoneAlarm FREE blocks all incoming UDP, no matter what.

ZoneAlarm Pro can be configured to let that through, but still, when connecting to the gateway, enforcement of firewall settings takes place and my personal settings are overruled.

All in all, to see the bright side of it, my company to some good extent passed the exam :-)