PIX 515 v6.3 & VPN nat-traversal

Discussion in 'Cisco' started by pasatealinux, Mar 25, 2008.

  1. pasatealinux

    pasatealinux

    Joined:
    Oct 2, 2007
    Messages:
    14
    Hi,

    I have VPN clients connecting to my pix 515 v.6.3 using Nat-traversal ( aka IPSEC/udp ).

    I have 2 wan interfaces. One interface is used to VPN site to site to different remote peers. The other interface is used to finish cisco vpn clients.

    The cisco VPN clients are configured using IPSEC over udp ( nat-traversal ).
    I have many different profiles for remote cisco vpn clients.

    I see that some remote employees have problems with VPN clients using an specific dsl router. It seems there's a problem with nat translations in these routers.

    I was reading vpnclient pdf and It suggest to change the method of the vpn client and configuring IPSEC over TCP ( port tcp 10000 ).

    I would like to modify the PIX config to allow IPSEC over TCP, then I think that I must configure the command : no crypto isakmp nat-traversal

    I would like to know if this command will brake my VPN site to site tunnels used in the other interface and if this will brake the current enviroment for the rest of the remote vpn clients ( cisco software ).

    Alternatives are wellcome.

    Thank you very much.

    Best regards.
     
    pasatealinux, Mar 25, 2008
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. cci admin

    nat traversal or something else

    cci admin, Apr 22, 2004, in forum: Cisco
    Replies:
    5
    Views:
    3,391
    cci admin
    Apr 22, 2004
  2. Scott Townsend
    Replies:
    8
    Views:
    710
    Roman Nakhmanson
    Feb 22, 2006
  3. Bohdan Yaremko

    VPN tunnel with NAT traversal

    Bohdan Yaremko, Mar 31, 2006, in forum: Cisco
    Replies:
    1
    Views:
    3,687
    Walter Roberson
    Mar 31, 2006
  4. foxx0171@yahoo.com

    VPN Nat Traversal Through Watchguards

    foxx0171@yahoo.com, Sep 20, 2006, in forum: Cisco
    Replies:
    2
    Views:
    4,254
    Kitingfox
    Sep 20, 2006
  5. Stephen M
    Replies:
    1
    Views:
    671
    mcaissie
    Nov 14, 2006
Loading...

Share This Page