×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

VPN Cleint 4.X

Unanswered Question
Oct 18th, 2009
User Badges:

Hi Guys,


I have a pc which has cisco vpn client 4.x installed on it and it is behind the company's pix firewall.


What ports are required to be open on the firewall so that it will allow outbound vpn connection from the pc. Is it UDP 500 or anything else?


Tks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
JORGE RODRIGUEZ Sun, 10/18/2009 - 19:58
User Badges:
  • Green, 3000 points or more

if running code 7.x or above add ipsec pass-thru to global polciy for IPsec pass trhough

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/i2.html#wp1740887

pix-asa(config)# policy-map global_policy

pix-asa(config-pmap)# class inspection_default

pix-asa(config-pmap-c)# inspect ipsec-pass-thru

pix-asa(config-pmap-c)#exit


If PIX code 6.x you need to allow udp 500 (isakmp) , udp 4500 (nat-t) and esp protocol 50


Actions

This Discussion