Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
489
Views
0
Helpful
2
Replies

VPN client 4.01 to 3005 concentrator via a borderware firewall using TCP

kerry.whittaker
Level 1
Level 1

‎07-31-2003 03:09 PM - edited ‎02-21-2020 12:42 PM

I have a remote user trying to access my vpn 3005 servers. the client configured for TCP port access.

he has open the tcp port up on his fw but gets this in his vpn client log.

Unexpected TCP control packet received from x.x.x., src port 15845, dst port 1315, flags 10h¿B

a snoop on my firewall shows

client to vpn - syn packet

vpn to client - syn ack packet

client to vpn - data packet - 6 times

vpn to client - rst packet

looks like the borderware firewall (doing nat) proxy server can't support the IPSEC protocol.

Anyone have any ideas?

(p.s. other VPN users are working ok)

Labels:
0 Helpful
2 Replies 2

tkpsimon
Level 1
Level 1

‎08-29-2003 11:04 AM

Hi I'm experinecing a similar situation, with vpn client and the borderware. Since the borderware is my third vendor's firewall, i have no control to it.

Have you find a solution to this? if so, i would really appreciate if you could give me a hint. Thanks in advance.

0 Helpful

kerry.whittaker
Level 1
Level 1
In response to tkpsimon

‎08-31-2003 01:38 PM

The site i was having the problem at changed to using the UDP/(NAP/PAT) after they enable the IPSEC proxy thing on their firewall. this only gives them one user at a time but it works. this uses UDP port 4500 which must also be enable in the firewall and on the vpn server.

0 Helpful
Customers Also Viewed These Support Documents