So how does the Linksys or cisco 800 handles the IPSec thru PAT then ?
Thanks.
Alex Lee
Lidiya White wrote in message
news:[EMAIL PROTECTED]...
PIX doesn't support IPSec transparency/IPSec over TCP. Concentrators do.
It all depends on the device that is between your client and PIX, that
is
PM
To: [EMAIL PROTECTED]
Subject: Re: Cisco VPN client and NAT [7:47430]
So how does the Linksys or cisco 800 handles the IPSec thru PAT then ?
Thanks.
Alex Lee
Lidiya White wrote in message
news:[EMAIL PROTECTED]...
PIX doesn't support IPSec transparency/IPSec over TCP. Concentrators do
and sending it to a negotiated port.
Doug
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 26, 2002 11:20 AM
To: [EMAIL PROTECTED]
Subject: RE: Cisco VPN client and NAT [7:47430]
Lidiya,
On the pix when you configure Ipsec you configure a pool
, Douglas
To:
Sent: Wednesday, June 26, 2002 6:15 PM
Subject: RE: Cisco VPN client and NAT [7:47430]
In most cases the PIX does not support VPN's over PAT you need a static
NAT
to establish a VPN tunnel.
Protocol 50 (Encapsulating Security Payload [ESP]) handles the
encrypted/encapsulated packets
] [mailto:[EMAIL PROTECTED]] On Behalf Of
Alex Lee
Sent: Wednesday, June 26, 2002 8:20 AM
To: [EMAIL PROTECTED]
Subject: Re: Cisco VPN client and NAT [7:47430]
So how does the Linksys or cisco 800 handles the IPSec thru PAT then ?
Thanks.
Alex Lee
Lidiya White wrote in message
news:[EMAIL PROTECTED
]] On Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, June 26, 2002 10:20 AM
To: [EMAIL PROTECTED]
Subject: RE: Cisco VPN client and NAT [7:47430]
Lidiya,
On the pix when you configure Ipsec you configure a pool of addresses
that
your Ipsec clients will use on your own network. For instance your
inside
network
See inlines
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Paul
Sent: Wednesday, June 26, 2002 5:11 PM
To: [EMAIL PROTECTED]
Subject: Re: Cisco VPN client and NAT [7:47430]
Cool, so the PIX will not support VPN's over PAT !!!
If you
:[EMAIL PROTECTED]] On Behalf Of
Lidiya White
Sent: Wednesday, June 26, 2002 7:56 PM
To: [EMAIL PROTECTED]
Subject: RE: Cisco VPN client and NAT [7:47430]
See inlines
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Paul
Sent: Wednesday, June 26, 2002 5:11
PROTECTED]] On Behalf Of
supernet
Sent: Wednesday, June 26, 2002 11:31 PM
To: [EMAIL PROTECTED]
Subject: RE: Cisco VPN client and NAT [7:47430]
Lidiya,
I didn't try PIX, but I tried a 1605: Main office
3030---Internet---1605---VPN clients. It worked fine. 1605 was
configured PAT inside. Does
To: 'supernet'; [EMAIL PROTECTED]
Subject: RE: Cisco VPN client and NAT [7:47430]
I bet you were using IPSec over TCP. Then it really doesn't matter what
is in the 'middle'. Your Cisco 1605 will see only tcp traffic, not esp.
Cisco 1600 is not IPSec aware (and don't have to be in your setup).
-- Lidiya
On the VPN concentrator, systemuser managementgroup IPsec tab you
need to check IPSec through NAT
Also you need to make sure your PIX is configured to pass IPsec(AH,ESP),
ISAKMP, and UDP encapsulation traffic.
Ruihai
Paul wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi ...
11 matches
Mail list logo