Wireless Access


Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.

How to NOT block IPSEC?

  • 1.  How to NOT block IPSEC?

    Posted Aug 24, 2012 11:02 AM

    Certain VPN clients have no issues traveling through my controller (Cisco AnyConnect, for example), but others (Linux variants and generic IPsec VPN setups) have issues connecting or fully passing through. My question is this: how do I make sure all IPsec VPN communication is clear through my controller?

    Any and all help is appreciated!



  • 2.  RE: How to NOT block IPSEC?

    Posted Aug 24, 2012 11:13 AM

    Here is my home-made "Catch all" for VPN that I typically recommend/implement in my installations.

    Should capture the 99 percentile of situations for you :)

    JF


    !
    ip access-list session Guest_VPN
      user any svc-l2tp permit
      user any svc-esp permit
      user any svc-ike permit
      user any tcp 17 permit
      user any udp 51 permit
      user any udp 4500 permit
      user any tcp 10000 10001 permit
      user any udp 10000 10001 permit
    !
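
A session ACL like the one above can be checked against what a standards-based IPsec client needs from the path: IKE on UDP 500, NAT-T on UDP 4500, ESP as IP protocol 50 and AH as IP protocol 51. The script below is an added example, not part of the original posts; the `svc-*` alias values and the bare protocol-number rule form are assumptions to confirm on the controller.

```python
# Assumed ArubaOS default netservice aliases; confirm with "show netservice".
ALIASES = {"svc-ike": ("udp", 500), "svc-esp": ("proto", 50),
           "svc-l2tp": ("udp", 1701)}
# Traffic a standards-based IPsec client may need the path to pass.
COMPONENTS = {"IKE": ("udp", 500), "NAT-T": ("udp", 4500),
              "ESP": ("proto", 50), "AH": ("proto", 51)}
# IP protocol numbers that are easy to enter by mistake as TCP/UDP ports.
PROTO_NUMBERS = {17: "UDP", 47: "GRE", 50: "ESP", 51: "AH"}

# The rules exactly as posted in the thread.
ACL = """\
user any svc-l2tp permit
user any svc-esp permit
user any svc-ike permit
user any tcp 17 permit
user any udp 51 permit
user any udp 4500 permit
user any tcp 10000 10001 permit
user any udp 10000 10001 permit
"""

def parse(acl):
    """Return (kind, low, high) for every permit rule in the ACL text."""
    rules = []
    for line in acl.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[-1] != "permit":
            continue
        svc = tok[2:-1]                      # tokens between dest and action
        if svc[0] in ALIASES:
            kind, num = ALIASES[svc[0]]
            rules.append((kind, num, num))
        elif svc[0] in ("tcp", "udp"):
            low = int(svc[1])
            rules.append((svc[0], low, int(svc[2]) if len(svc) > 2 else low))
        elif svc[0].isdigit():               # assumed form: bare IP protocol number
            rules.append(("proto", int(svc[0]), int(svc[0])))
    return rules

def audit(acl):
    """Return (IPsec components not permitted, rules that look like protocol numbers)."""
    rules = parse(acl)
    missing = [name for name, (kind, num) in COMPONENTS.items()
               if not any(k == kind and lo <= num <= hi for k, lo, hi in rules)]
    suspect = [f"{k} {lo} (IP protocol {lo} is {PROTO_NUMBERS[lo]})"
               for k, lo, hi in rules
               if k in ("tcp", "udp") and lo == hi and lo in PROTO_NUMBERS]
    return missing, suspect

if __name__ == "__main__":
    print(audit(ACL))
```

Run against the posted rules, it reports AH as not covered and flags the `tcp 17` and `udp 51` lines as port rules whose numbers coincide with IP protocol numbers.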