08-24-2012 08:02 AM
Certain VPN clients have no issues traveling through my controller (Cisco AnyConnect, for example), but others (Linux variants and generic IPsec VPN setups) have issues connecting or fully passing through. My question is this: how do I make sure all IPsec VPN communication is clear through my controller?
Any and all help is appreciated!
Network+ | CWNA | CWTS | ACSP | ACMP | ACMA | BREC
08-24-2012 08:12 AM
Here is my home-made "Catch all" for VPN that I typically recommend/implement in my installations.
Should capture the 99 percentile of situations for you :)
ip access-list session Guest_VPN
  user any svc-l2tp permit
  user any svc-esp permit
  user any svc-ike permit
  user any tcp 17 permit
  user any udp 51 permit
  user any udp 4500 permit
  user any tcp 10000 10001 permit
  user any udp 10000 10001 permit
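Added example, not part of the original posts: a small Python audit that parses a session ACL like the one above and reports which IPsec-related protocols it actually permits. It assumes ArubaOS rule syntax in which `tcp N` / `udp N` name a port and a bare number names an IP protocol, and it assumes the default definitions of the `svc-*` aliases; `parse_acl`, `coverage`, `ALIASES` and `REQUIRED` are names made up for this example.

```python
import re
# Assumed default ArubaOS alias definitions (check "show netservice").
ALIASES = {
    "svc-l2tp": ("udp", 1701, 1701),
    "svc-esp": ("ip", 50, 50),    # ESP is IP protocol 50, not a port
    "svc-ike": ("udp", 500, 500),
}
# Traffic an IPsec VPN may need, keyed by (protocol, port or IP protocol no.).
REQUIRED = {("udp", 500): "IKE", ("udp", 4500): "NAT-T", ("ip", 50): "ESP",
            ("ip", 51): "AH", ("udp", 1701): "L2TP"}

def parse_acl(text):
    """Return (protocol, low, high) for every 'user any ... permit' rule."""
    rules = []
    for line in text.splitlines():
        m = re.match(r"\s*user\s+any\s+(.+?)\s+permit\s*$", line)
        if not m:
            continue
        svc = m.group(1).split()
        if svc[0] in ALIASES:
            rules.append(ALIASES[svc[0]])
        elif svc[0] in ("tcp", "udp") and len(svc) > 1:
            low = int(svc[1])
            high = int(svc[2]) if len(svc) > 2 else low
            rules.append((svc[0], low, high))
        elif svc[0].isdigit():  # bare number: IP protocol number
            rules.append(("ip", int(svc[0]), int(svc[0])))
    return rules

def coverage(text):
    """Map each REQUIRED label to whether some rule permits it."""
    rules = parse_acl(text)
    return {label: any(p == proto and lo <= num <= hi for p, lo, hi in rules)
            for (proto, num), label in REQUIRED.items()}

# The ACL from the post above, used as sample input.
GUEST_VPN = """ip access-list session Guest_VPN
user any svc-l2tp permit
user any svc-esp permit
user any svc-ike permit
user any tcp 17 permit
user any udp 51 permit
user any udp 4500 permit
user any tcp 10000 10001 permit
user any udp 10000 10001 permit
"""

if __name__ == "__main__":
    print(coverage(GUEST_VPN))
```

Under these assumptions the sample ACL permits IKE, NAT-T, ESP and L2TP but not AH, because `udp 51` is read as UDP port 51 rather than IP protocol 51.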