From: Mohamed.N (mohamed_n@sifycorp.com)
Date: Mon Apr 10 2006 - 08:09:12 GMT-3
Cisco PIX and Cisco VPN client
----- Original Message -----
From: "Alexei Monastyrnyi" <alexeim@orcsoftware.com>
To: "Mohamed.N" <mohamed_n@sifycorp.com>
Cc: <ccielab@groupstudy.com>
Sent: Monday, April 10, 2006 4:28 PM
Subject: Re: OT:VPN dial in
> What VPN clients do you use?
>
> TCP 1723 for PPTP
> IP 50 (ESP) + UDP 500 for IPSec
> UDP 500 + UDP 4500 for IPSec with NAT-T
>
> all are in terms of destination port or protocol.
>
> but you should not be in need of opening some special ports from inside
> to outside unless you have some very special security rules....
>
> A.
>
> on 10/04/2006 12:20 Mohamed.N wrote:
> > Hi All
> >
> > Sorry for slightly OT.
> > What ports to allow in the PIX inbound ACL for a PC to dial VPN from PIX
> > inside to outside?
> > I have to allow the whole IP from the outside VPN server to my inside LAN in
> > my inbound PIX ACL, which is showing a RED signal in the audits..
> > I tried to look up the ports in syslog, but syslog is not capturing the port
> > number.... I tried allowing esp, udp 500 etc.. no hopes..
> > Pls help.
> >
> > Regards
> > Mohamed.
This archive was generated by hypermail 2.1.4 : Mon May 01 2006 - 11:41:56 GMT-3