VPN clients are given an IP address from one of the private ranges 10.16.0.0/20 or 10.16.16.0/20. These private addresses are mapped to a public IP in the 126.96.36.199/22 netblock using dynamic PAT.
The Cisco VPN client can operate in one of three transport modes, and the client needs access to the protocols and ports listed below for the mode in use. These details are also relevant to most native clients capable of connecting to the OUCS VPN Service, including the OS X native VPN client and clients on iPhone, iPod touch and iPad, as well as many third-party clients.
| Transport mode | Protocols and ports |
|---|---|
| IPSec | ESP (IP protocol 50), UDP port 500 |
| IPSec/TCP | TCP port 10000 |
| IPSec/UDP | UDP ports 500, 10000 |
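
The requirements above can be expressed as client-side firewall rules. The following is an added example, not part of the original page or of any OUCS configuration: a dry-run script that prints the iptables rules needed for each transport mode. The gateway address `192.0.2.10` is a placeholder from the documentation range, and the function name `vpn_egress_rules` and the mode labels are hypothetical.

```shell
#!/bin/sh
# Added example: print iptables egress rules for one VPN transport mode.
# GATEWAY is a placeholder (RFC 5737 documentation address), not the real
# server; substitute the address of the VPN gateway you connect to.
GATEWAY="${GATEWAY:-192.0.2.10}"

# vpn_egress_rules MODE -> one iptables command per line on stdout.
# Returns 2 for an unknown mode so a caller never applies a partial rule set.
vpn_egress_rules() {
    mode=$1
    case "$mode" in
        ipsec)
            # Native IPSec: IKE on UDP 500, then ESP. ESP is IP protocol 50,
            # a protocol number rather than a port, so there is no --dport.
            echo "iptables -A OUTPUT -d $GATEWAY -p udp --dport 500 -j ACCEPT"
            echo "iptables -A OUTPUT -d $GATEWAY -p esp -j ACCEPT"
            ;;
        ipsec-tcp)
            # IPSec/TCP: everything is carried over TCP port 10000.
            echo "iptables -A OUTPUT -d $GATEWAY -p tcp --dport 10000 -j ACCEPT"
            ;;
        ipsec-udp)
            # IPSec/UDP: UDP 500 and UDP 10000 are both required.
            echo "iptables -A OUTPUT -d $GATEWAY -p udp -m multiport --dports 500,10000 -j ACCEPT"
            ;;
        *)
            echo "unknown transport mode: $mode" >&2
            return 2
            ;;
    esac
    # Replies from the gateway are admitted by connection tracking only.
    echo "iptables -A INPUT -s $GATEWAY -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Dry run: print the rule set for every mode without applying anything.
for m in ipsec ipsec-tcp ipsec-udp; do
    echo "# $m"
    vpn_egress_rules "$m"
done
```

The script only prints commands; review the output before applying it to a host whose default OUTPUT policy is to drop.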
There is nothing that inherently stops clients other than the Cisco VPN client from connecting to the OUCS VPN Service. For example, the open-source VPN client vpnc works well. However, many vendors choose not to support the protocols needed.
| Setting | Value |
|---|---|
| Server platform | Cisco ASA 5500 series |
| Transport mode | IPSec, IPSec/TCP or IPSec/UDP |
| Authentication mode | IKE Extended Authentication (Xauth) |
| IPSec group name | oxford |
| IPSec group password | See the |
| Xauth username | your Remote Access username |
| Xauth password | your Remote Access password |

| Authentication Algorithm | Encryption Algorithm | Diffie-Hellman Group |
|---|---|---|