Escapsulation and Encryption on the Cisco VPN Concentrator 3060

My remote customers connect to the Cisco VPN Concentrator to access hosted applications. I  have one customer who is giving me a lot of trouble.   He says that his firewall and VPN Client (not sure what brand he's using at the moment) at his location will have problems connecting to a Cisco VPN because of encapsulation.  He wants to know if we use full encapsulation or partial encapsulation.  I know the VPN Concentrator uses IPSEC, which encapsulates a packet by wrapping another packet around it and then encrypts the entire packet.  So it my eyes that would be full encapsulation.  Would you agree?   I'm not sure what type of firewall or VPN client they are using, I just left them a message to find out.  They swear its a problem with Cisco devices:)  What do you think?
LVL 4
denver218Asked:
Who is Participating?
 
artsecConnect With a Mentor Commented:
Hello, you are right about encapsulation.

Please check the following ports on your client firewall:

PPTP Control Connection, Protocol Number       6 (TCP), Source Port 1023, Destination Port:1723
PPTP Tunnel Encapsulation: Protocol Number 47 (GRE) Source Port: N/A, Destination Port:N/A
ISAKMP/IPSec Key Management: Protocol Number 17 (UDP) Source Port: 500, Destination Port:500
IPSec Tunnel Encapsulation: Protocol Number 50 (ESP) Source Port: N/A, Destination Port: N/A
IPSec NAT Transparency: Protocol Number 17 (UDP) Source Port: 10000 (default) Destination Port:10000 (default)

It might be a conflict in IP address. The client's remote network is using the same IP address range as the VPN server's local network.

Please check your Cisco VPN Concentrator logs as well. The logs would help us to identify authentication problems.
0
 
denver218Author Commented:
Thanks.  This client made some changes on their network and can now connect to the VPN.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.