VPN Client 4.X

Unanswered Question
Oct 18th, 2009

Hi Guys,


I have a PC which has Cisco VPN Client 4.x installed on it, and it is behind the company's PIX firewall.


What ports are required to be open on the firewall so that it will allow an outbound VPN connection from the PC? Is it UDP 500 or anything else?


Tks

JORGE RODRIGUEZ Sun, 10/18/2009 - 19:58

If running code 7.x or above, add ipsec pass-thru to the global policy for IPsec pass-through:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/i2.html#wp1740887

pix-asa(config)# policy-map global_policy
pix-asa(config-pmap)# class inspection_default
pix-asa(config-pmap-c)# inspect ipsec-pass-thru
pix-asa(config-pmap-c)# exit


If PIX code 6.x, you need to allow UDP 500 (ISAKMP), UDP 4500 (NAT-T) and ESP protocol 50.

