Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1308
Views
0
Helpful
3
Replies

RVS4000 ISAKMP Nat Problem

oliviersabrie
Level 1
Level 1

‎09-14-2011 06:57 AM

Hi there,

I'm currently dealing with a weird problem on a Cisco RVS4000.

I'm tring to connect to a IPSEC VPN Gateway (NETASQ) located on the lan side of the RVS4000.

I'm using Greenbow vpn client on the WAN side of the RVS4000

Basicaly i'm trying to get through the RVS

My VPN config is ok because i tested it on the lan side of the RVS

The RVS is configured like this:

NO VPN configured.

Block WAN Request :OFF

FIREWALL,IPS,DDOS are OFF

NAT forwarding on for UDP 500 and 4500 directed from the wan to the ip of the VPN gateway

Seems right because iv managed to do this with other routers (different brands) on another site

I've wiresharked my vpn client and i keep getting ICMP destination unreachable (PORT UNREACHABLE) after my ISAKMP launching packet.

Can the RVS nat these ports ?

Labels:
0 Helpful
3 Replies 3

temesvarig
Level 1
Level 1

‎05-06-2012 09:10 AM

I have the exact same annoying problem.

Could someone from the vendor advise or confirm this as a bug?

0 Helpful

oliviersabrie
Level 1
Level 1
In response to temesvarig

‎05-07-2012 01:50 AM

I've managed to discover the trick. These two ports are some kind of reserved for the cisco vpn system. You can fool this by nating These two ports to a different value on the wan side.

wan --700--470 ---CISCO --- 500- 4500 ---YourVpnequipement

0 Helpful

temesvarig
Level 1
Level 1
In response to oliviersabrie

‎05-07-2012 04:36 AM

I think this may be a workaround for a web server port, but not a solution for VPN ports.

0 Helpful
Customers Also Viewed These Support Documents