[Vpn-help] IPSec over TCP?

Matthew Grooms mgrooms at shrew.net
Sat Nov 22 18:26:09 CST 2008

Robert wrote:
> One guess is that from inside my company's network, there may be other 
> internal NATs or PATs to the vpn concentrator and that may cause an issue.

This would be my guess as well.

> In the Cisco client, under the transport tab, there is this option:
> (x) IPSec over UDP (NAT / PAT)
> ( ) IPSec over TCP    TCP Port: 10000
> Does the Shew VPN client have something like 'IPSec over TCP'? I'm 
> hoping that is something that may resolve this issue.

No, unfortunately not. This may get implemented at some point. However, 
UDP encapsulation is the published and widely accepted standard used to 
deal with NAT. IPsec over TCP is a proprietary vendor extension.


More information about the vpn-help mailing list