udp traffic not passing over vpnclient connection to pix ASA 7.2

Pix running 7.2 terminating connection from latest windows vpnclient ipsec over tcp, client won't pass udp traffic such as xdmcp. I'm familiar with the old fixup protocol which I understand is replaced by MPF traffic inspection logic. But, I was unaware this affects vpn traffic in any way. And, the default policy should allow for xdmcp

Otherwise, the vpnclient setup is as follows...

group-policy * attributes dns-server value x.x.x.x vpn-idle-timeout none ipsec-udp enable ipsec-udp-port 10000 split-tunnel-policy tunnelspecified split-tunnel-network-list value split-tunnel

... access-list split-tunnel extended permit ip

Any ideas?

class-map inspection_default match default-inspection-traffic ! ! policy-map global_policy class inspection_default inspect dns maximum-length 512 inspect ftp inspect h323 h225 inspect h323 ras inspect netbios inspect rsh inspect rtsp inspect skinny inspect esmtp inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp

service-policy global_policy global

Reply to
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.