RE: Cisco Workaround (VPN PROBLEM)

[stephen at unix dot za dot net <stephen () unix za net>]

hallo again,

just to make life easy for you adam, my scenerio is a freebsd box that
acts as a gateway/ firewall, which redirects vpn calls to my w2k server.

i don't have too much cisco experience (last time i used one was about 3
yrs ago) but as long as you do the following vpn connections should work:

allow proto's 47 50 & 51
tcp port 1723
and udp 500



stephen




On Fri, 1 Aug 2003, Vachon, Scott wrote:

> > I did state in my first mail that it was the pixes that were controlling the
> > vpn/encryption, but I may not have been clear.  So there it is again.  :)
> > Anyway, the 2 versions that we tried to upgrade to are:
> > c820-k9osy6-mz.12.3-1a (24/8) and
> > 12.2(15)T4/5
> > Currently we are running:
> > 12.2 (sorry this is all i could tell from the "show run" that I did)
> > The router is an 827-v4.
>
> I see you are running : IP/FW Plus IPSec 3DES. I think the problem may be the key exchange between the PIX and the 
> router or just the VPN tunnel configuration
>
> Here are some links that may help you :
>
> http://www.cisco.com/en/US/customer/products/sw/iosswrel/ps1839/products_feature_guide09186a0080087cac.html#1015359
>
>
> And the better one:
>
> http://www.cisco.com/en/US/customer/products/sw/iosswrel/ps5012/products_feature_guide09186a00800a8565.html#1113060
>
> If you can't get to these, let me know offline and I'll be happy to forward them.
>
> ~S~
>
> Learn more about Paymentech's payment processing services at www.paymentech.com
> THIS MESSAGE IS CONFIDENTIAL.  This e-mail message and any attachments are proprietary and confidential information 
> intended only for the use of the recipient(s) named above.  If you are not the intended recipient, you may not print, 
> distribute, or copy this message or any attachments.  If you have received this communication in error, please notify 
> the sender by return e-mail and delete this message and any attachments from your computer.
>
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------


---------------------------------------------------------------------------
----------------------------------------------------------------------------