06-13-2012 02:40 PM - edited 02-21-2020 06:07 PM
When you configure this option on the ASA, does it affect all VPN's? This is a global config item, if I have existing VPN's working with UDP, but am required to set up a VPN using TCP, do the other VPN's continue to use UDP, or do they fail as the other end is not of the same configuration?
Solved! Go to Solution.
06-13-2012 11:34 PM
IPSec over TCP is only supported for remote access vpn client connection to the ASA. It is not supported for LAN-to-LAN VPN tunnel.
And yes, it will affect all remote access vpn client connection to the ASA once you enable it globally.
Here is the document for your reference:
http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/ike.html#wp1059912
06-13-2012 11:34 PM
IPSec over TCP is only supported for remote access vpn client connection to the ASA. It is not supported for LAN-to-LAN VPN tunnel.
And yes, it will affect all remote access vpn client connection to the ASA once you enable it globally.
Here is the document for your reference:
http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/ike.html#wp1059912
06-14-2012 07:12 AM
Thank You, I enabled last night and so far so good. The note "The adaptive security appliance can simultaneously support standard IPsec, IPsec over TCP, NAT-Traversal, and IPsec over UDP, depending on the client with which it is exchanging data." gives me some reassurance.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide