Pix VPN: What ports

Discussion in 'Cisco' started by Bjorn, Nov 5, 2003.

  1. Bjorn

    Bjorn Guest

    I'm about to establish a VPN connection between a Pix 501 and a Pix 506.
    Simple enough, but in the middle I have a third-party firewall (that I have
    no control over). The individual that is responsible for that firewall tells
    me he needs to know what ports to open.

    So my question is; you guessed it: What ports need to be open on that
    firewall to allow my IKE and IPSEC traffic?


    Bjorn
     
    Bjorn, Nov 5, 2003
    #1
    1. Advertising

  2. Bjorn

    Rainer Temme Guest

    "Bjorn" <> wrote in message
    news:6_5qb.4392$...
    > I'm about to establish a VPN connection between a Pix 501 and a Pix 506.
    > Simple enough, but in the middle I have a third-party firewall (that I

    have
    > no control over). The individual that is responsible for that firewall

    tells
    > me he needs to know what ports to open.
    >
    > So my question is; you guessed it: What ports need to be open on that
    > firewall to allow my IKE and IPSEC traffic?
    >
    >
    > Bjorn


    Hi Bjorn,

    IKE is done on udp/500

    IPsec however is not don on any "port", it uses
    the protocols 50 and 51 ... 50 = ESP , 51=AH

    Which of the two protocols is required, depends on how
    you configured IPsec between the 2 Pix's .

    Regards ... Rainer
     
    Rainer Temme, Nov 5, 2003
    #2
    1. Advertising

  3. Bjorn

    Bjorn Guest

    As I thought. Thanx a lot for the quick response Rainer!


    Bjorn

    "Rainer Temme" <> wrote in message
    news:boaqt3$i29$...
    >
    > "Bjorn" <> wrote in message
    > news:6_5qb.4392$...
    > > I'm about to establish a VPN connection between a Pix 501 and a Pix 506.
    > > Simple enough, but in the middle I have a third-party firewall (that I

    > have
    > > no control over). The individual that is responsible for that firewall

    > tells
    > > me he needs to know what ports to open.
    > >
    > > So my question is; you guessed it: What ports need to be open on that
    > > firewall to allow my IKE and IPSEC traffic?
    > >
    > >
    > > Bjorn

    >
    > Hi Bjorn,
    >
    > IKE is done on udp/500
    >
    > IPsec however is not don on any "port", it uses
    > the protocols 50 and 51 ... 50 = ESP , 51=AH
    >
    > Which of the two protocols is required, depends on how
    > you configured IPsec between the 2 Pix's .
    >
    > Regards ... Rainer
    >
    >
     
    Bjorn, Nov 5, 2003
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. YKP

    PIX/Cisco VPN/Ports Issue

    YKP, Oct 28, 2003, in forum: Cisco
    Replies:
    1
    Views:
    5,220
    Walter Roberson
    Oct 28, 2003
  2. GVB
    Replies:
    1
    Views:
    2,843
    Martin Bilgrav
    Feb 6, 2004
  3. Svenn
    Replies:
    3
    Views:
    743
    Svenn
    Mar 13, 2006
  4. Doug Fox

    Ports for Clientless VPN on Cisco VPN 3000 Series

    Doug Fox, Sep 9, 2005, in forum: Computer Security
    Replies:
    2
    Views:
    696
    Imhotep
    Sep 9, 2005
  5. Mike
    Replies:
    27
    Views:
    1,510
Loading...

Share This Page