Allow Cisco VPN Client Out

Answered Question
Aug 24th, 2010

We need to allow a computer on the inside of our network to connect to an outside network using Cisco VPN Client.  I have the external IP address of the outside network we are connecting to.  We have an ASA5520.  Would I setup a rule to allow TCP PPTP 1723 and IP GRE 47 to the external IP address I was given?  Would there be any other ports that would need to be allowed?

Thanks.

I have this problem too.
0 votes
Correct Answer by Jennifer Halim about 6 years 3 months ago

If you would like to allow outbound Cisco VPN Client, then you would need to allow the following:

UDP/500

ESP

UDP/4500

plus you would need to allow "inspect ipsec-pass-thru"

Cisco VPN Client uses IPSec for VPN.

Hope that helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Jennifer Halim Tue, 08/24/2010 - 05:29

If you would like to allow outbound Cisco VPN Client, then you would need to allow the following:

UDP/500

ESP

UDP/4500

plus you would need to allow "inspect ipsec-pass-thru"

Cisco VPN Client uses IPSec for VPN.

Hope that helps.

Actions

This Discussion