Every so often we encounter a problem where we cannot get an IPSEC VPN tunnel to work. Sometimes we know the local authorities restrict use of IPSEC (e.g. Bangladesh), and have to get some kind of exemption. Other times the ISP changes something and the connection drops (e.g. Haiti).
I assume there are a bunch of things that might prevent IPSEC from working. For example, blocking UDP port 500 would prevent IKE.
Rather than looking for a resolution for a specific problem, can anyone give a list of what different things an ISP might do to block IPSEC traffic, either on purpose or by accident?
The answer to this question will be useful in troubleshooting, but also letting ISPs know what specific things they need to fix when we can't get our VPN up!