SRX Services Gateway

SRX does not see UDP 500 packet on its internal interface

06-01-2012 06:43 AM

Hello All,

I am running a Cisco VPN client on our internal network to connect to a client network. The traffic flows through an SRX3600; when the VPN is launched, it fails to connect. We do not see any traffic for UDP 500 hitting the internal interface of the firewall. Filters were set on the SRX; it sees all other traffic except UDP 500. We have NAT-T on the SRX and it's working fine for all other traffic. We are currently running on Junos 103.R5.5

1 REPLY

Re: SRX does not see UDP 500 packet on its internal interface

06-03-2012 12:42 AM

Hi

If you could post a cleaned version of your config, then we could have a look at it.  I did have a problem with a work laptop that was running a Cisco VPN client.  It needed the ike-esp-nat setting under the security section.

 

E.g.

security {
    # YOUR CONFIG
    alg {
        ike-esp-nat {
            enable;
        }
    }
    # YOUR CONFIG
}