01-23-2007 06:40 AM - edited 03-03-2019 03:27 PM
hi,
i have a pix acting as a vpn server behind adsl router of isp.i want vpn clients from outside can connect by vpn.for that portforwarding is required on adsl.Does anybody know which ports to be forwarded for vpn.vpn clent is 4.0.5 on windows.
thanks in advance.
rgrds,
01-23-2007 07:06 AM
On your ADSL router You need forward following:
protocol ESP (protocol number 50)
UDP port 500 (for ISKMP)
UDP port 4500 (for NAT traversal)
So router will be transparent for VPN connections
M.
Hope that helps rate if it does
01-23-2007 07:19 AM
Hi,
thanks,
my adsl router only have tcp options
how can i forward ESP?
is there any oyher way to make adsl transparent???
01-23-2007 12:16 PM
command should be
"ip nat inside source static esp"
command was introduced in 12.2(1.4)
check this link for more info
http://www.cisco.com/en/US/products/ps6640/products_white_paper09186a00801af2b9.shtml
BUT
I didnt notice that its Easy VPN server (not site-to-site VPN)
It should be forward UDP 500 and UDP 4500 enough... You dont need forward esp for this scenario
M.
01-23-2007 12:37 PM
What you can also do, which may be the best solution is to force the DSL modem to be an actual modem, and have the pix do the pppoe. This way the pix will get the public address, and you won't have to worry about the problems that you're encountering with that modem in it's current state.
Thanks,
Jeff
01-23-2007 11:05 PM
Hi,
i forwarded udp port 500 and 4500 but its not working.ANY HELP???
rgrds,
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: