Allow Web on upper level ports

Unanswered Question
Jan 16th, 2003
User Badges:

I have a VPN setup and working (PIX to Contivity) to access a web-based application. The application does not use the traditional 80 or 8080 ports. It starts in the 7xxx range and can grow depending on connection number. The VPN is working, but I get blocked from using the web page on this upper level port. Is there are way to allow http traffic on these upper level ports?

Thanks for your help

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
engel Sat, 01/18/2003 - 05:49
User Badges:

How do you set your "crypto" access-list ?

I think it would be simply just to define several "crypto" access-lists on the PIX to match interesting traffic to be encrypted, with a destination of tcp 7xxx . How about the packet`s source , does it use upper level random ports also ?



mloggins Mon, 01/20/2003 - 08:25
User Badges:

The crypto access-lists are set to allow all ip traffic from the ip address through, not specific ports. Can you specify a range of addresses in a single access-list ?


This Discussion