12-13-2010 06:36 PM
Is there any trick to get users to connect to a easy vpn server through their home router (ie dlink with nat).
There must be a way with cisco. I know it's possible with other software i've used.
thanks
Dan
Solved! Go to Solution.
12-13-2010 06:51 PM
yes, for outbound connection from your vpn client through dlink, it should be ok.
If you have firewall configured on your dlink, this is where you would need to allow UDP/500 and UDP/4500 outbound.
12-13-2010 06:40 PM
Firstly, you would need to enable NAT-T (NAT traversal) on the ezvpn server. This will allow the ESP packet be encapsulated into UDP/4500 which will pass through NAT routers.
On NAT routers, you would need to allow UDP/500 and UDP/4500. Hope that helps.
Some head-end (VPN3000 Concentrator for example) can encapsulate ESP into UDP/10000, or TCP/10000, so you would need to check the headend on what it defaults or if it is configured to be encapsulated into specific ports.
Hope that helps.
12-13-2010 06:43 PM
ok. I'll try it out. I was confused and though it was for users going out through nat on cisco -> to the internet and then to a public address.
Makes sense now
Dan
12-13-2010 06:48 PM
Will i be able to perform the connection without enabling 4500 on the dlink router.
ie
user -> dlink(nat) -> internet -> easy vpn server
12-13-2010 06:51 PM
yes, for outbound connection from your vpn client through dlink, it should be ok.
If you have firewall configured on your dlink, this is where you would need to allow UDP/500 and UDP/4500 outbound.
12-22-2010 09:42 AM
Thanks for the info. Worked like a charm.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide