cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2528
Views
0
Helpful
1
Replies

Port 10000 or UDP 500 on firewall.

kdaramola
Level 1
Level 1

Do I have to open port on firewall in order to use vpn client3.x or 4.x to connect to outside network. How do I configure my ASA to allow port TCP 10000 or udp 500 opened.

Clarification: my user inside network unable to connect to outside network using vpn client.

1 Reply 1

JORGE RODRIGUEZ
Level 10
Level 10

Kehinde,

To use cisco vpn client from inside to connect to an outside RA Ipsec VPN server you simply need Ipsec pass through inspection configured in your global policy.

ciscoasa(config)# policy-map global_policy

ciscoasa(config-pmap)#class inspection_default

ciscoasa(config-pmap-c)#inspect ipsec-pass-thru

ciscoasa(config-pmap-c)#exit

See Ipsec pass through inspection section

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/inspect.html

you may also want to enable nat-t

ciscoasa(config)#crypto isakmp nat-traversal 20

Nat-T backround

http://www.cisco.com/en/US/docs/security/asa/asa81/command/ref/c5.html#wp2195488

Once done your inside cisco vpn clients should be able to vpn outside.

HTH

Rgds

Jorge

Jorge Rodriguez
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: