03-15-2004 01:44 AM - edited 02-21-2020 01:04 PM
I've got a 1712 Router using VPN Feature set, connecting to 3000 series Concentrator, via the Internet.
The Concentrator is hidden behind a PIX Firewall. The Firewall has a public NAT address for the Concentrator. I understand I need to use IPSec over UDP in order for the IPSec tunnel to establish.
What I need to know is:
1. What are the CLI commands for the Router to put IPSec over UDP.
2. Will the UDP us port 10000
3. What boxes need selecting on the Concentrator LAN-to-LAN setup.
regards
03-15-2004 05:58 AM
Hi,
In my opinion UDP Tunneling for IPSec works for client ipsec only and does not work for L2L IPsec. Is that correct.
Thanks Markus
03-15-2004 06:15 AM
Hi,
I've done some further checking. For the Router there's a command 'crypto ipsec nat-transparency udp-encapsulation'. The command gets accepted, but doesn't appear in the config.
I'm thinking it might be an IOS bug.
image is c1700-k9osy7-mz.122-15.ZL1.bin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide