More: Port 443 and 444 need to be open -----Original Message----- From: wireless-boun...@wispa.org [mailto:wireless-boun...@wispa.org] On Behalf Of Jerry Richardson Sent: Monday, December 28, 2009 11:16 AM To: WISPA General List Subject: Re: [WISPA] CheckPoint VPN/firewall
This is specific to Checkpoint VPN: Allow the following services: TCP/264 (Topology Download) TCP/256 UDP 259 IKE IPSEC and IKE (UDP on port 500) IPSEC ESP (IP type 50) IPSEC AH (IP type 51) TCP/500 (if using IKE over TCP) UDP 2746 or another port (if using UDP encapsulation) SecureClient specific connections: FW1_scv_keep_alive (UDP port 18233) - used for SCV keep-alive packets FW1_pslogon_NG (TCP port 18231) or (TCP port 65524 for Application Intelligence) - used for SecureClient's logon to Policy Server protocol FW1_sds_logon (TCP port 18232) - used for SecureClient's Software Distribution Server download protocol tunnel_test (UDP port 18234) - used by Check Point tunnel testing application -----Original Message----- From: wireless-boun...@wispa.org [mailto:wireless-boun...@wispa.org] On Behalf Of Jerry Richardson Sent: Monday, December 28, 2009 11:12 AM To: n...@brevardwireless.com; WISPA General List Subject: Re: [WISPA] CheckPoint VPN/firewall Perhaps this will help http://www.spywarepoint.com/ipsec-ports-t43658.html -----Original Message----- From: wireless-boun...@wispa.org [mailto:wireless-boun...@wispa.org] On Behalf Of Nick Olsen Sent: Monday, December 28, 2009 10:55 AM To: wireless@wispa.org Subject: [WISPA] CheckPoint VPN/firewall We have a customer that is playing host to some Russian Guests, They are trying to connect to a checkpoint vpn in moscow. It looks like it is standard IPsec. It won't connect on our network, But will on other networks. We've torched to hell and back on what might be happening. But because of language barriers and the fact that they can't leave the facility they are at, or set us up any type of test VPN we could test with to fix the problem we have come to a standstill on what to do. Our network is all mikrotik based. What we were hoping for is if anyone had a check point vpn/firewall we could test with or if anyone had any insight on getting it to play nice with mikrotik. Nick Olsen Brevard Wireless (321) 205-1100 x106 -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
