VPN over UMTS

Hi guys !

I'm not sure if the USA group can give any input to this or if I have a somehow European problem as it's related to a UMTS connection. Our company has some "try and buy" UMTS boxes from the German provider T-Mobile. In the default configuration, they assign private IP addresses and apparently do NAT for Internet access. In this setup, the Cisco VPN client does not work but as soon as I'm requesting a public address (this can be done in the software), things work fine. Does anybody know why it doesn't work with the private address and NAT? It should be quite the same as with NAT behind a DSL router (which also works), shouldn't it? We'd prefer the NAT thing fort security reasons.

TIA

fw

Reply to
Frank Winkler
Loading thread data ...

Frank Winkler schrieb:

I have some road warriors with T-Mobile UMTS cards and Cisco VPN clients working.

With Vodafone cards I regularly have timeouts after about 10 minutes. Vodafone offers a public IP address to the client and the VPN Client does NOT use udp encapsulation for NAT/PAT traversal. It seem that Vodafone does not count the esp protocol for their idle-timeout.

I don't have such problem with the T-Mobile cards (at least at the moment)

I'm terminating the VPN clients on an IOS router.

Reply to
Uli Link

The T mobile service may be behind a proxy rather than just a NAT, and is not allowing the right protocols thru.

Try using TCP based encapsulation with the client.

Reply to
stephen

Apparently, they are even running NAPT, which should be quite similar to a proxy. But according to their web pages, the Cisco client should work (sample config for 4.1).

Regards

fw

Reply to
Frank Winkler

I also know some people who have it working. Maybe I should check their config.

Regards

fw

Reply to
Frank Winkler

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.