[Vpn-help] IPSec over TCP?

Matthew Grooms mgrooms at shrew.net
Sat Nov 22 18:26:09 CST 2008


Robert wrote:
> 
> One guess is that from inside my company's network, there may be other 
> internal NATs or PATs to the vpn concentrator and that may cause an issue.
> 

This would be my guess as well.

> In the Cisco client, under the transport tab, there is this option:
> (x) IPSec over UDP (NAT / PAT)
> ( ) IPSec over TCP    TCP Port: 10000
> 
> Does the Shew VPN client have something like 'IPSec over TCP'? I'm 
> hoping that is something that may resolve this issue.
> 

No, unfortunately not. This may get implemented at some point. However, 
UDP encapsulation is the published and widely accepted standard used to 
deal with NAT. IPsec over TCP is a proprietary vendor extension.

-Matthew



More information about the vpn-help mailing list