Default ports for the Cisco VPN v2.5.2 and v3.0 client with 'IPSEC through NAT' enabled are UDP 500 (IPSEC), 10000 (ESP header) allowed to originate from either the client or the VPN concentrator.
Greg S.
-----Original Message-----
From: Lemke, Andy
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Sent: 6/15/01 10:30 AM
Subject: RE: VPN ports
IPSEC doesn't used TCP ports 50 or 51. It uses "protocol 50" and
"protocol 51". (TCP itself is protocol 6).
You might want to read up on your ports and protocols at www.iana.org.
I doubt that you'll be able to get this to work because NAT is
completely impossible if you want full IPSEC.
-Andy
-----Original Message-----
From: [EMAIL PROTECTED] [ mailto:[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]> ]
Sent: Friday, June 15, 2001 10:23 AM
To: [EMAIL PROTECTED]
Subject: VPN ports
Hi all,
One of my users have a DSL at home and he has a Linksys BEFW1154
cable/DSL
modem. We are having trouble connecting to the office via VPN using the
Cisco VPN client. At the office we have a Cisco VPN concentrator and it
is
configured for IPSEC. We have tried opening ports 50, 51, 1701 and
10000.
BTW, he is also doing NAT. I didn't think there is any other ports
that
need to be open. Any ideas?
Thanks.
Diana
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
<http://lists.gnac.net/mailman/listinfo/firewalls>
The sender believes that this E-mail and any attachments were free of
any virus, worm, Trojan horse, and/or malicious code when sent. This
message and its attachments could have been infected during
transmission. By reading the message and opening any attachments, the
recipient accepts full responsibility for taking protective and remedial
action about viruses and other defects. The sender's employer is not
liable for any loss or damage arising in any way from this message or
its attachments.
