Kinetic GMM Required Ports

dimmesoete
Level 1

For a Kinetic-enabled IR809 router, port 500 (ISAKMP/IKE) and 4500 (IPSEC) are required to be opened for connecting to the U.S. cluster for GMM. What if port 500 and 4500 are already forwarded to the customer's VPN service? Is it possible for Kinetic GMM to listen on other ports or how can I address the issue with the customer? 

 

Thank you,

Dan


Emmanuel Tychon
Cisco Employee

Hello Dan -- 

 

A port being open or being forwarded are not the same thing.

 

 

  • If ports are open then Kinetic GMM gateway is able to send traffic using UDP on ports 500 and 4500 on any destination. The firewall and/or NAT traversal rules will allow the return traffic to pass and you are good to go.
  • If ports are forwarded inbound for the customer's VPN service, this has no impact.
  • If ports are forwarded outbound to the customer's VPN service, that's a very unusual configuration. If that is the case, can you explain the context and how this is configured? There is no easy way to change those port numbers in GMM as this is tied to the so-called "WAN base" configuration on which there is no user access.

Thanks

Emmanuel

 

 
