Ping a Specific Port

Question

Matt

Asked: 2010-01-30 09:15:02 +0800 CST2010-01-30 09:15:02 +0800 CST 2010-01-30 09:15:02 +0800 CST

How do I allow IPSec over TCP through a Cisco ASA?

772

I have a internal user that needs to connect via VPN to an external company. The external company's vpn is using IPSec over TCP on port 57369. When my user tries to connect it fails. The logs on my ASA show the following. Deny TCP (no connection) from 172.x.x.x/1155 to 167.x.x.x/57369 flags RST on interface Inside

How do I allow this traffic through my ASA?

Thanks!

2 Answers

Voted

smithian · Answer 1 · 2010-01-30T09:48:49+08:00

Best Answer

smithian

2010-01-30T09:48:49+08:002010-01-30T09:48:49+08:00

Try adding this to your asa config:

policy-map global_policy
  class inspection_default
    inspect ipsec-pass-thru

2

Matt · Answer 2 · 2010-01-30T11:41:48+08:00

Matt

2010-01-30T11:41:48+08:002010-01-30T11:41:48+08:00

After capturing the traffic and testing some different setting. The problem looks like its on the remote side, not my ASA. I confirmed with Cisco that I'll I need to do is have inspect ipsec-pass-thru.

Thanks!

0

How do I allow IPSec over TCP through a Cisco ASA?

Ping a Specific Port

How do I tell Git for Windows where to find my private RSA key?

How do you restart php-fpm?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?