
VPN Client 4.X

Hi Guys,

I have a PC which has Cisco VPN Client 4.x installed on it and it is behind the company's PIX firewall.

What ports are required to be open on the firewall so that it will allow an outbound VPN connection from the PC? Is it UDP 500 or anything else?

Tks

1 REPLY

Re: VPN Client 4.X

If running code 7.x or above, add ipsec pass-thru to the global policy for IPsec pass-through.

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/i2.html#wp1740887

pix-asa(config)# policy-map global_policy

pix-asa(config-pmap)# class inspection_default

pix-asa(config-pmap-c)# inspect ipsec-pass-thru

pix-asa(config-pmap-c)# exit

If PIX code 6.x, you need to allow UDP 500 (ISAKMP), UDP 4500 (NAT-T) and ESP protocol 50.
