From: Alexei Monastyrnyi (alexeim@orcsoftware.com)
Date: Mon Apr 10 2006 - 07:58:04 GMT-3
What VPN clients do you use?
TCP 1723 for PPTP
IP 50 (ESP) + UDP 500 for IPSec
UDP 500 + UDP 4500 for IPSec with NAT-T
All are in terms of destination port or protocol.
But you should not be in need of opening some special ports from inside
to outside unless you have some very special security rules...
A.
on 10/04/2006 12:20 Mohamed.N wrote:
> Hi All
>
> Sorry for slightly OT.
> What ports to allow in the PIX inbound ACL for a PC to dial VPN from PIX
> inside to outside?
> I have to allow the whole IP from the outside VPN server to my inside LAN in
> my inbound PIX ACL, which is showing a RED signal in the audits.
> I tried to look up the ports in syslog, but syslog is not capturing the port
> number... I tried allowing esp, udp 500 etc... no hopes.
> Please help.
>
> Regards
> Mohamed.
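An added example, not part of either message: a small audit check that flags the whole-IP permit described in the question and accepts only the protocol/destination-port pairs listed in the reply. The ACL lines are constructed samples in a simplified PIX-style syntax with numeric ports; the ACL name `outside_in`, the addresses and the function names are assumptions.

```python
# Protocol / destination-port pairs taken from the reply in this thread.
VPN_ALLOWED = {
    ("tcp", 1723): "PPTP",
    ("esp", None): "IPSec ESP (IP protocol 50)",
    ("udp", 500): "IPSec IKE",
    ("udp", 4500): "IPSec with NAT-T",
}

# Constructed sample entries (documentation addresses, hypothetical ACL name).
SAMPLE_ACL = [
    "access-list outside_in permit ip host 203.0.113.10 192.168.1.0 255.255.255.0",
    "access-list outside_in permit esp host 203.0.113.10 192.168.1.0 255.255.255.0",
    "access-list outside_in permit udp host 203.0.113.10 192.168.1.0 255.255.255.0 eq 500",
    "access-list outside_in permit udp host 203.0.113.10 192.168.1.0 255.255.255.0 eq 4500",
    "access-list outside_in permit tcp host 203.0.113.10 192.168.1.0 255.255.255.0 eq 23",
]

def parse_acl(line):
    """Return (protocol, destination_port) for a permit entry, else None."""
    tok = line.split()
    if len(tok) < 4 or tok[0] != "access-list" or tok[2] != "permit":
        return None
    proto, rest = tok[3].lower(), tok[4:]
    port = None
    # Only a trailing "eq N" is a destination port; an "eq" placed after the
    # source address is a source port and is ignored here.
    if len(rest) >= 2 and rest[-2] == "eq" and rest[-1].isdigit():
        port = int(rest[-1])
    return proto, port

def audit(lines):
    """Classify each entry as FAIL (whole IP), OK (listed VPN traffic) or REVIEW."""
    findings = []
    for line in lines:
        parsed = parse_acl(line)
        if parsed is None:
            findings.append((line, "SKIP", "not a permit entry"))
        elif parsed[0] == "ip":
            findings.append((line, "FAIL", "permits every protocol and port"))
        elif parsed in VPN_ALLOWED:
            findings.append((line, "OK", VPN_ALLOWED[parsed]))
        else:
            findings.append((line, "REVIEW", "not in the VPN protocol list"))
    return findings

if __name__ == "__main__":
    for line, status, reason in audit(SAMPLE_ACL):
        print(f"{status:6} {reason:35} {line}")
```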