RE: VPN Cisco Client - Behind ISA Server.

• From: "Adam Staub" <Adam.Staub@xxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 24 Jul 2002 13:02:06 -0500

Final Follow up:

Quote from Cisco Engineer:

There are plans to implement this feature into the PIX code. However, there
is no timeline that has been released for this feature. You are correct in
that it would solve your problem. The reason is that "transparent tunneling"
can use UDP port 10000 (which the proxy server does recognize and can let
through) instead of the ESP protocol for data transfer through the tunnel.
So, "transparent tunneling" will enable the client to work from behind proxy
devices that don't support or recognize the ESP protocol. This is the reason
that these type of connections work to a 3000 Series VPN Concentrator

Adam

-----Original Message-----
From: Adam Staub 
Sent: Wednesday, July 24, 2002 12:59 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: VPN Cisco Client - Behind ISA Server.


http://www.ISAserver.org


Follow up.  I opened a case with TAC.  They say that the PIX(note: the 3000 
series vpn concentrator is a different animal) doesn't support the 
encapsulation options on the 3.x client.  So it will not work period.

Thanks,
Adam

-----Original Message-----
From: Adam Staub 
Sent: Wednesday, July 24, 2002 8:47 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] VPN Cisco Client - Behind ISA Server.


http://www.ISAserver.org


I'm trying to setup a connection to a PIX box from behind my ISA box.  I've 
setup two protocol definitions on udp port 500 send/receive and udp port 10000 
send/receive.  I then created a protocol definition using the two rules.  
However, my IPPext log is stating that it has blocked port 500 coming back from 
the PIX box.  I then created a packet filter to allow port 500 thru but that 
didn't help either.  What am I doing wrong?


Thanks,
   Adam


********************************************************************* 
Note: This E-mail and any attachments may be privileged and confidential and 
protected from disclosure.  If the reader of this message is not the intended 
recipient, or an employee or agent responsible for delivering this message to 
the intended recipient, you are hereby notified that any disclosure, copying, 
distribution or use of this E-mail and any attachments is strictly prohibited.  
If you have received this E-mail in error, please notify us immediately by 
returning it to the sender and deleting it from your computer system.  Thank 
you for your cooperation.
**********************************************************************


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
Adam.Staub@xxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


********************************************************************* 
Note: This E-mail and any attachments may be privileged and confidential and 
protected from disclosure.  If the reader of this message is not the intended 
recipient, or an employee or agent responsible for delivering this message to 
the intended recipient, you are hereby notified that any disclosure, copying, 
distribution or use of this E-mail and any attachments is strictly prohibited.  
If you have received this E-mail in error, please notify us immediately by 
returning it to the sender and deleting it from your computer system.  Thank 
you for your cooperation.
**********************************************************************


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
Adam.Staub@xxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


********************************************************************* 
Note: This E-mail and any attachments may be privileged and confidential and 
protected from disclosure.  If the reader of this message is not the intended 
recipient, or an employee or agent responsible for delivering this message to 
the intended recipient, you are hereby notified that any disclosure, copying, 
distribution or use of this E-mail and any attachments is strictly prohibited.  
If you have received this E-mail in error, please notify us immediately by 
returning it to the sender and deleting it from your computer system.  Thank 
you for your cooperation.
**********************************************************************

Other related posts:

• » VPN Cisco Client - Behind ISA Server.
• » RE: VPN Cisco Client - Behind ISA Server.
• » RE: VPN Cisco Client - Behind ISA Server.
• » RE: VPN Cisco Client - Behind ISA Server.
• » RE: VPN Cisco Client - Behind ISA Server.
• » RE: VPN Cisco Client - Behind ISA Server.
• » RE: VPN Cisco Client - Behind ISA Server.
• » RE: VPN Cisco Client - Behind ISA Server.
• » RE: VPN Cisco Client - Behind ISA Server.

1. Home
2. isalist
3. Archive
4. 07-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---