Re: Allow (CiscoVPN) IPsec through[ Edited ]
12-16-2009 07:48 AM - edited 12-16-2009 07:49 AM
AFAIAA, Cisco VPN client can also work over TCP/10000, UDP/10000 or UDP/4500 depending on version. May be a good idea to try and reconfigure VPN clients for these users since you mentioned only "some users" have trouble.
I'd hazard a guess that your users in "internal" network are also NAPT-ed when going to "external", or are they?
If yes, then I think that NAT-ing ESP/proto 50 could only be done statically at the moment.
Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !