A question about security profile for a VPN tunnel

Hello,

Since past 3-4 days, I have been trying different options to resolve an issue with a remote site VPN tunnel. I have the tunnel up and working. I have tried using IPSEC with low,medium and strict security profile. Since I am using Shiva VPN devices, I have tried using their Shiva Smart Tunnels too. They all work fine. I can perform all the normal operations like file copy, establish VNC sessions and browse interent too. The only problem is with the telnet session from that remote site to another site which goes through my comapny LAN. The telnet session works fine from the internal company LAN, but it doesnt work from that remote site. It starts of well allowing the users to log in, but once they log in, it freezes up. I am assuming that its the VPN connection, possibly the encryption or the encapsulation that is causing this problem. Somewhere in between the tunnel, the data is getting corrupted. I could be wrong. I need some advice here, as that telnet application is very crucial for that site to run.

Here are the security profiles that I have tried:

secure-profile IPSEC-Default encapsulation v2-esp authentication key secondary-authentication none ike-group 7 ike-algorithm 3des ike-authentication hmac-md5 ike-crypto-period 2880 ike-kbyte-limit 0 aggressive-mode off perfect-forward-secrecy off ipsec-commitbit disable negotiate-higher-security off preserve-tos on esp-authentication hmac-md5 ah none algorithm aes-128 tunnel-esp-mode on crypto-period 720 kbyte-limit 100000 timeout 65 keep-alive 15 client-timeout 65 client-keep-alive 15 udp-encapsulation 0 split-tunnel disable

secure-profile S2S-TUNNEL encapsulation sst authentication key preserve-tos on public-key-length 512 algorithm des crypto-period 720 timeout 180 keep-alive 60 client-timeout 180 client-keep-alive 60 compression on protocol 17 packet-key enable split-tunnel disable

thanks Ankit

Reply to
apsolar
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.