Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Escapsulation and Encryption on the Cisco VPN Concentrator 3060

Posted on 2011-09-13
2
Medium Priority
?
460 Views
Last Modified: 2012-05-12
My remote customers connect to the Cisco VPN Concentrator to access hosted applications. I  have one customer who is giving me a lot of trouble.   He says that his firewall and VPN Client (not sure what brand he's using at the moment) at his location will have problems connecting to a Cisco VPN because of encapsulation.  He wants to know if we use full encapsulation or partial encapsulation.  I know the VPN Concentrator uses IPSEC, which encapsulates a packet by wrapping another packet around it and then encrypts the entire packet.  So it my eyes that would be full encapsulation.  Would you agree?   I'm not sure what type of firewall or VPN client they are using, I just left them a message to find out.  They swear its a problem with Cisco devices:)  What do you think?
0
Comment
Question by:denver218
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 4

Accepted Solution

by:
artsec earned 2000 total points
ID: 36532756
Hello, you are right about encapsulation.

Please check the following ports on your client firewall:

PPTP Control Connection, Protocol Number       6 (TCP), Source Port 1023, Destination Port:1723
PPTP Tunnel Encapsulation: Protocol Number 47 (GRE) Source Port: N/A, Destination Port:N/A
ISAKMP/IPSec Key Management: Protocol Number 17 (UDP) Source Port: 500, Destination Port:500
IPSec Tunnel Encapsulation: Protocol Number 50 (ESP) Source Port: N/A, Destination Port: N/A
IPSec NAT Transparency: Protocol Number 17 (UDP) Source Port: 10000 (default) Destination Port:10000 (default)

It might be a conflict in IP address. The client's remote network is using the same IP address range as the VPN server's local network.

Please check your Cisco VPN Concentrator logs as well. The logs would help us to identify authentication problems.
0
 
LVL 4

Author Closing Comment

by:denver218
ID: 36537883
Thanks.  This client made some changes on their network and can now connect to the VPN.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware is a growing menace to anyone using a computer or mobile device. Here are answers to some common questions about this vicious new form of malware.
The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question