
TCP Vs UDP...

hyukin.kwon
Level 1

Hi all,

I have a Cisco 2621 and VPN Client 4.0, and have finished the configuration of the C2621.

The configuration follows:

```
show config
Using 1801 out of 29688 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
enable password cisco
!
username cisco password 0 cisco
username test password 0 test123
aaa new-model
!
!
aaa authentication login userauthen local
aaa authorization network groupauthor local
aaa session-id common
ip subnet-zero
ip cef
!
no ip domain lookup
!
ip audit notify log
ip audit po max-events 100
!
crypto isakmp policy 3
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp client configuration group mavi
 key cisco123
 pool local
!
crypto ipsec transform-set myset esp-3des esp-sha-hmac
!
crypto dynamic-map dynmap 10
 set transform-set myset
crypto map clientmap client authentication list userauthen
crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec-isakmp dynamic dynmap
!
no voice hpi capture buffer
no voice hpi capture destination
!
interface FastEthernet0/0
 ip address 192.168.2.1 255.255.255.0
 ip route-cache flow
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 shutdown
 no fair-queue
!
interface FastEthernet0/1
 ip address 192.168.1.6 255.255.255.0
 ip route-cache flow
 duplex auto
 speed auto
!
interface Serial0/1
 no ip address
 shutdown
!
interface Serial0/2
 no ip address
 shutdown
!
ip local pool 192.168.2.2 192.168.2.100
no ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
radius-server authorization permit missing Service-Type
!
dial-peer cor custom
!
line con 0
line aux 0
line vty 0 4
 password cisco
!
end

Router#
```

Is this configuration right?

I also have two questions.

- I want to connect to the C2621 using the VPN Client, but my IP address always changes because the line is ADSL (DHCP). So how can I change the configuration, especially the "ip local pool"?

- What port should I open at the firewall? Actually, I don't know the difference between the TCP and UDP transparent mode.

Thanks in advance...

1 Reply

owillins
Level 6

Use the sysopt permit ipsec command to allow the VPN client through your PIX. I don't think you would be able to connect using the VPN client with a dynamic address. As far as I know, you would need a dynamic address.
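
Added example (not part of either post, and not Cisco tooling): a small Python consistency check run over lines copied from the configuration posted in the question. It flags cleartext secrets, a client-group pool name with no matching `ip local pool` definition, and a crypto map that is never attached to an interface; the function name `audit` and the finding labels are assumptions made for this example.

```python
import re

# Lines copied from the configuration posted in the question (excerpt).
POSTED_CONFIG = """\
no service password-encryption
enable password cisco
username cisco password 0 cisco
username test password 0 test123
crypto isakmp client configuration group mavi
key cisco123
pool local
crypto dynamic-map dynmap 10
set transform-set myset
crypto map clientmap client authentication list userauthen
crypto map clientmap 10 ipsec-isakmp dynamic dynmap
interface FastEthernet0/1
ip address 192.168.1.6 255.255.255.0
ip local pool 192.168.2.2 192.168.2.100
"""

def audit(config: str) -> list[str]:
    """Return findings for an IOS remote-access VPN config (hypothetical helper)."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip() not in ("", "!")]
    findings = []

    # 1. Secrets stored in cleartext: type-0 user passwords and "enable password".
    clear = [ln for ln in lines
             if re.match(r"username \S+ password 0 ", ln) or ln.startswith("enable password ")]
    if clear:
        findings.append(f"cleartext-secrets:{len(clear)}")

    # 2. Address pools referenced by a client group but never defined.
    #    IOS syntax: ip local pool {default | name} low-ip [high-ip]
    defined = {m.group(1) for ln in lines if (m := re.match(r"ip local pool (\S+)", ln))}
    for ln in lines:
        m = re.fullmatch(r"pool (\S+)", ln)
        if m and m.group(1) not in defined:
            findings.append(f"undefined-pool:{m.group(1)}")

    # 3. Crypto maps built globally but not attached to any interface.
    #    The interface sub-command is the bare form "crypto map <name>".
    built = {m.group(1) for ln in lines if (m := re.match(r"crypto map (\S+) \S", ln))}
    attached = {m.group(1) for ln in lines if (m := re.fullmatch(r"crypto map (\S+)", ln))}
    findings += [f"unattached-crypto-map:{name}" for name in sorted(built - attached)]
    return findings

if __name__ == "__main__":
    for finding in audit(POSTED_CONFIG):
        print(finding)
```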