Cisco Support Community
New Member

Application access thru firewall

I have a special application running on an internal network protected by the firewall, and at the same time a VPN connection is established. For example, my application is using ports 10000 and 11000 to establish a connection. What should I apply on the firewall to allow access for VPN users?

2 REPLIES
Bronze

Re: Application access thru firewall

You can use a conduit or access list to open these ports for the IP range you want. Also, if this application by default operates on ports other than 10000 and 11000, you can use the command fixup protocol to set the port number.

Re: Application access thru firewall

Hi,

If you use 'sysopt permit-ipsec', then all the traffic that exits the authenticated VPN tunnel is allowed to your application and no access-list is necessary.

If you do not want to allow all the traffic that exits the authenticated VPN tunnel, you should remove the 'sysopt permit-ipsec' and create an access-list for the allowed traffic and apply this access-list to the outside interface.

Regards,

Tom
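
The second option from the reply above, sketched as a PIX 6.x-style configuration fragment (an added example, not part of the original thread). Assumptions: the application uses TCP, the VPN client pool is 10.10.10.0/24, the application server is 192.168.1.50, the ACL name is `outside_in`, and the option is entered as `sysopt connection permit-ipsec`; all addresses and names are constructed.

```cisco
: Stop decrypted VPN traffic from bypassing interface access lists
no sysopt connection permit-ipsec

: Permit only the VPN pool (assumed 10.10.10.0/24) to reach the
: application server (assumed 192.168.1.50) on the two application ports.
: TCP is an assumption; use udp instead if the application requires it.
access-list outside_in permit tcp 10.10.10.0 255.255.255.0 host 192.168.1.50 eq 10000
access-list outside_in permit tcp 10.10.10.0 255.255.255.0 host 192.168.1.50 eq 11000

: Apply the list inbound on the outside interface; anything not matched
: falls through to the implicit deny at the end of the list.
access-group outside_in in interface outside
```

Only one access list can be bound inbound per interface, so if the outside interface already has one, add the two permit lines to that list rather than creating a new one.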
