Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN Concentrator through Pix - Ports Required

Other than SSL, what ports are required to be opened on a pix to allow ssl and vpn tunnel traffic to pass/return to a natted vpn concentrator(3005) behind it? Latest and greatest IOS all around.

Patrick

1 REPLY
Silver

Re: VPN Concentrator through Pix - Ports Required

SSL is for management, not vpn use (yet)

nat-t will require udp 4500. the proprietary udp encapsulation used udp 10000 by default.

isakmp requires udp 500.

Need to allow ESP and or AH (ipsec protocols)

99
Views
0
Helpful
1
Replies
CreatePlease to create content