Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

PIX Firewall and VPN Ports

Question of convenience: is it fairly safe to permit outbound ports 500, 50 and 10000 to any outside address for VPN connections without compromising security?

Tired of setting up inside-to-outside statics on my firewall for every VPN session that requires ESP and GRE in our NAT environment.

3 REPLIES
Community Member

Re: PIX Firewall and VPN Ports

I guess this is not safe;

Community Member

Re: PIX Firewall and VPN Ports

Interesting question with no simple answer. What is deemed "safe" or "not safe" is directly dependant on your company's security policy.

Mike

Community Member

Re: PIX Firewall and VPN Ports

I would definitly say no ... Having someone on your internal network that has VPN access (that you may or maynot know of) to anywhere on the internet that you have no control of what traffic they are passing is in no way "secure" IMHO

354
Views
0
Helpful
3
Replies
CreatePlease to create content