Port forwarding

hardiklodhia · ‎01-23-2007

hi,

i have a pix acting as a vpn server behind adsl router of isp.i want vpn clients from outside can connect by vpn.for that portforwarding is required on adsl.Does anybody know which ports to be forwarded for vpn.vpn clent is 4.0.5 on windows.

thanks in advance.

rgrds,

m.sir · ‎01-23-2007

On your ADSL router You need forward following:

protocol ESP (protocol number 50)

UDP port 500 (for ISKMP)

UDP port 4500 (for NAT traversal)

So router will be transparent for VPN connections

M.

Hope that helps rate if it does

hardiklodhia · ‎01-23-2007

Hi,

thanks,

my adsl router only have tcp options

how can i forward ESP?

is there any oyher way to make adsl transparent???

m.sir · ‎01-23-2007

command should be

"ip nat inside source static esp"

command was introduced in 12.2(1.4)

check this link for more info

http://www.cisco.com/en/US/products/ps6640/products_white_paper09186a00801af2b9.shtml

BUT

I didnt notice that its Easy VPN server (not site-to-site VPN)

It should be forward UDP 500 and UDP 4500 enough... You dont need forward esp for this scenario

M.

jheckart · ‎01-23-2007

What you can also do, which may be the best solution is to force the DSL modem to be an actual modem, and have the pix do the pppoe. This way the pix will get the public address, and you won't have to worry about the problems that you're encountering with that modem in it's current state.

Thanks,

Jeff

hardiklodhia · ‎01-23-2007

Hi,

i forwarded udp port 500 and 4500 but its not working.ANY HELP???

rgrds,