cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2897
Views
0
Helpful
11
Replies

IPsec over tcp

andre8525
Level 1
Level 1

Hello ,

I am looking for a sample config for IPsec over tcp (port 1000) for cisco 12.4 ios (2610xm)

regards,

Andrew

1 Accepted Solution

Accepted Solutions

I dont have cisco link for that but its global command just mentioned the port and allow your outside ACL for port tcp 10000.Once done change the transport setting in your VPN client for TCP port 10000.

Thanks

Ajay

View solution in original post

11 Replies 11

ajay chauhan
Level 7
Level 7

you need configure "crypto ctcp port 1000" on router and on the Vpn client side, enable ipsec over tcp for the specific port as well.

I am using advance enterprise ios and that command doesn't exist. Shall i upgrade to security ios?

Hello Ajay,

I upgrade the router to the version 12.4(9) and now i can use the command "crypto ctcp port 10000". Do you have any documentation how to enable ipsec over tcp?

Thanks

Andrew

I dont have cisco link for that but its global command just mentioned the port and allow your outside ACL for port tcp 10000.Once done change the transport setting in your VPN client for TCP port 10000.

Thanks

Ajay

Hello  Ajay,

After the upgrade and the command which you mention is working and i can connect with the mac book too (unfortunetely Apple prefers only IPsec over tcp)

Thanks

Andrew

So is it solved or something still left ?

Yes it is

One last question , do you know if i can assign the same ip to spesific vpn client?

Do you mean fixed IP for specific VPN user ?

Yes

I am sure we do it on ASA but IOS not 100 % sure if authentication id done by Radius then yes attributes can be set.

Might be other knows.

Thanks

Ajay

No worries,

Thanks for your help

Andrew