Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
688
Views
0
Helpful
1
Replies

IPSec over TCP on PIX 501E

Go to solution
escisco
Level 1
Level 1

‎06-30-2004 02:27 AM - edited ‎02-21-2020 01:13 PM

Hi,

Is there any way i can configure IPSec over TCP as a default configuration in PIX Firewall. I am running 6.3

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
gfullage
Cisco Employee
Cisco Employee

‎06-30-2004 08:12 PM

The PIX doesn't support IPsec over TCP. It does support NAT-T, which is IPSec over UDP/4500, which the Cisco VPN client also supports. Just add the following command onto the PIX:

isakmp nat-traversal

The PIX and VPN client will auto-negotiate IPSec encapsulation if necessary. See http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/gl.htm#wp1027312 for details.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
gfullage
Cisco Employee
Cisco Employee

‎06-30-2004 08:12 PM

The PIX doesn't support IPsec over TCP. It does support NAT-T, which is IPSec over UDP/4500, which the Cisco VPN client also supports. Just add the following command onto the PIX:

isakmp nat-traversal

The PIX and VPN client will auto-negotiate IPSec encapsulation if necessary. See http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/gl.htm#wp1027312 for details.

0 Helpful
Customers Also Viewed These Support Documents