From: Tony Medeiros (tonygreat@xxxxxxxx)
Date: Fri Sep 01 2000 - 03:53:17 GMT-3
For IPSEC you need to open up AH or ESP type packets depending on what mode
you are using. Also IKE uses UDP port 500 I believe. The client should
work behind a PAT. I least the Cisco ver1.1 client did for me. I don't
have a clue about the beta code.
Tony
----- Original Message -----
From: "Sam Munzani" <sam@chinet.com>
To: "ccielab Groupstudy" <ccielab@groupstudy.com>
Sent: Thursday, August 31, 2000 8:03 AM
Subject: PIX VPN questions
> Hi Group,
>
> A Few VPN questions keeping IPSEC in mind.
>
> 1. If you are talking to remote PIX firewall using client VPN and you are
> sitting behind another flavor of firewall, what ports do you need to open
> in order for the VPN client to work?
>
> 2. If the firewall on your side is doing PAT, will VPN client work talking
> to remote PIX unit?
>
> 3. For site to site will DHCP work if you are using 5.2 beta code? 5.2
> Beta does support DHCP address on public address and PAT behind that
> address. I have a DSL site with DHCP address needs to be connected to main
> site.
>
> Thanks in advance,
>
> Sam Munzani
> sam@munzani.com
> Lab: Sept. 9-10 at San Jose
>
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:24:51 GMT-3