Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Outbound VPN Connections-Firewall Newbie

I have a small company with a single pix that seems to be blocking outbound vpn connections. The companies professional services dept need to connect to other company networks using the other companies vpn clients (mostly cisco).

I didnt set up this firewall, an administrator before me did. What should i be looking for as far as filtering?

4 REPLIES
Silver

Re: Outbound VPN Connections-Firewall Newbie

you should be looking to give us more info ;-)

Are you using NAT/PAT?

Look for any "access-group xxxxx in interface inside " commands. If there is one that references the inside interface, that is the one that would impact outbound communication the most.

New Member

Re: Outbound VPN Connections-Firewall Newbie

Yes, all the internal networks are using NAT. What ports/services would have to be filtered to block this traffic?

Silver

Re: Outbound VPN Connections-Firewall Newbie

for ipsec, udp 500 and esp and ah protocols (ip protocols 50 and 51 respectively). for pptp, gre and a tcp port whose number i cannot recall.

that said, do you know for certain the vpn solution will work from behind nat?

New Member

Re: Outbound VPN Connections-Firewall Newbie

No, i guess i am not sure if it will work from behind nat, but never thought that to be a problem.

Half of this company employees, including myself have home wireless routers that use nat. We all connect our our companies vpn fine from 192.168.x.x.

Is there something more to vpn and nat that i should know about?

263
Views
0
Helpful
4
Replies
CreatePlease to create content