Hi, sorry if this has been covered before. I need to provide VPN client access to a Cisco PIX 501 (6.3.5). The remote users will be behind a non-Cisco firewall (not that it should matter, I guess). What port should the remote network's sysadmin open on his firewall to allow the VPN client out? I've read UDP port 500; can anyone confirm this?
I don't think you will need to open any particular ports, since the client will initiate the VPN from inside the network behind that firewall, and I think that firewall will automatically set up a stateful database to allow the traffic coming back. But if it's not a stateful firewall, I think you need to open ISAKMP port 500, ESP port 50 and, if you use AH, also 51. If you are using NAT/PAT, I think you will need to use ESP with TCP or UDP, and by default that also uses port 10000 unless modified by the admin from the client software.
Cheers for the pointer, Kamal. The sysadmin at the other end has a massively locked-down outbound rule set for internal clients. I've asked him about ISAKMP UDP 500 and TCP 10000. Hopefully he will help out :)
PS, this was my first post on here. How do I rate replies?