How to NOT block IPSEC?

Certain VPN clients have no issues traveling through my controller (Cisco AnyConnect, for example), but others (Linux variants and generic IPsec VPN setups) have issues connecting or fully passing through. My question is this: how do I make sure all IPsec VPN communication is clear through my controller?


Any and all help is appreciated!

Scott McNeil - Sr. Network & Security Engineer, Global Process Automation
Network+ | CWNA | CWTS | ACSP | ACMP | ACMA | BREC

Re: How to NOT block IPSEC?

Here is my home-made "Catch all" for VPN that I typically recommend/implement in my installations.

Should capture the 99th percentile of situations for you :)




ip access-list session Guest_VPN
  user any svc-l2tp permit
  user any svc-esp permit
  user any svc-ike permit
  user any tcp 17 permit
  user any udp 51 permit
  user any udp 4500 permit
  user any tcp 10000 10001 permit
  user any udp 10000 10001 permit
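
An added example, not part of the reply above and not vendor code: a small Python audit that parses the rules of the posted Guest_VPN ACL and reports which IPsec-related protocols and ports they match. The alias definitions (svc-ike = UDP 500, svc-esp = IP protocol 50, svc-l2tp = UDP 1701) are assumed ArubaOS defaults, and the REQUIRED checklist is this example's own.

```python
# Assumed default ArubaOS netservice aliases; confirm on the controller.
ALIASES = {
    "svc-ike": ("udp", 500, 500),
    "svc-esp": ("ip", 50, 50),        # IP protocol 50, no ports
    "svc-l2tp": ("udp", 1701, 1701),
}
# This example's checklist of what IPsec clients use: (label, kind, number).
REQUIRED = [
    ("IKE", "udp", 500),
    ("NAT-T", "udp", 4500),
    ("ESP", "ip", 50),
    ("AH", "ip", 51),
    ("L2TP", "udp", 1701),
]
# Rules copied from the Guest_VPN ACL in the post.
ACL = """\
user any svc-l2tp permit
user any svc-esp permit
user any svc-ike permit
user any tcp 17 permit
user any udp 51 permit
user any udp 4500 permit
user any tcp 10000 10001 permit
user any udp 10000 10001 permit
"""

def parse_acl(text):
    """Return (kind, low, high) for every permit rule in the ACL text."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[-1] != "permit":
            continue
        svc = tok[2:-1]                      # tokens between dest and action
        if svc[0] in ALIASES:
            rules.append(ALIASES[svc[0]])
        elif svc[0] in ("tcp", "udp"):       # "tcp 17" is TCP port 17
            low = int(svc[1])
            rules.append((svc[0], low, int(svc[2]) if len(svc) > 2 else low))
    return rules

def coverage(rules):
    """Map each checklist entry to True if some rule matches it."""
    return {label: any(k == kind and lo <= num <= hi for k, lo, hi in rules)
            for label, kind, num in REQUIRED}

if __name__ == "__main__":
    for label, ok in coverage(parse_acl(ACL)).items():
        print(f"{label:6} {'permitted' if ok else 'not matched'}")
```

The parser treats `tcp 17` and `udp 51` as port matches, so the audit reports AH (IP protocol 51) as not matched while IKE, NAT-T, ESP and L2TP are permitted.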

