I need to allow an AT&T Global Network Client VPN connection on one of our client PCs through our ASA5510. I was given a white paper on what ports and protocols I need to allow, but I don't know how to go about opening up these ports and protocols. There's a note that reads, "IPSEC traffic must be allowed as well".
Port 500 UDP In and Out
Port 4500 UDP In
Protocol ESP(50) In and Out
I'd appreciate any help.
Randy, you could also do it through an ACL; the link provided by the previous poster should have done the trick by creating a policy-map for IPsec pass-through.
In any case, this is what I have in my PIX for Cisco VPN client pass-through initiated from my inside network, if it applies.
access-list inside permit udp any any eq 500
access-list inside permit udp any any eq 4500
access-list inside permit esp any any
access-group inside in interface inside
Also check your static one-to-one translations for the machine you are testing this VPN client connection from, and that the other end is allowing you through based on your public IP info.
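
The ACL approach from the reply above, combined with the IPsec pass-through inspection it mentions, as an added example that is not part of either post. The host addresses and the ACL name are constructed placeholders, and ASA 7.x or later syntax is assumed.

```cisco
! Constructed values (assumptions, not from the thread):
!   192.0.2.10       = inside client PC running the VPN client
!   198.51.100.5     = remote VPN gateway
!   inside_access_in = ACL name
!
! Same three permits as the post above, scoped to one host pair
! instead of "any any".
access-list inside_access_in extended permit udp host 192.0.2.10 host 198.51.100.5 eq isakmp
access-list inside_access_in extended permit udp host 192.0.2.10 host 198.51.100.5 eq 4500
access-list inside_access_in extended permit esp host 192.0.2.10 host 198.51.100.5
!
! An ACL bound to the inside interface ends in an implicit deny, so
! any other outbound traffic the site needs must be permitted in the
! same ACL before it is bound.
access-group inside_access_in in interface inside
!
! IPsec pass-through inspection: opens pinholes for the ESP flows
! that follow an ISAKMP (UDP 500) exchange.
policy-map global_policy
 class inspection_default
  inspect ipsec-pass-thru
```

`show access-list inside_access_in` shows per-line hit counts, which confirms whether the client's UDP 500, UDP 4500 and ESP packets are matching the intended entries.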