Cisco VPN Client behind firewall

jdemuth
Level 1

I have a Cisco 2621 running IOS ver 12.1 with the firewall feature set and I'm having trouble connecting to a VPN endpoint outside the firewall. I have UDP port 500 along with ESP and AHP opened for both inbound and outbound traffic. The only thing I've been able to find on the internet says I should use NAT-T, but it doesn't appear to be supported until IOS ver 12.2(13). Does anyone know a way to make this work without upgrading the IOS? If not, will an IOS upgrade solve the problem?

Thanks

2 Replies

sachinraja
Level 9

You need to make sure you open the following ports:

udp 500

udp 4500

IP 50

IP 51...

If you are doing PAT to connect to the concentrator, you need to enable nat-transparency. This is mandatory. Upgrade the IOS and enable this feature.

Hope this helps. All the best. Rate replies if found useful.

Raj

I have udp 500, IP 50 and IP 51 open for 'any any' in the access list and using NAT overload and it appears to be working. What's port 4500 for?

Thanks
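
On the ports listed in this thread: UDP 4500 is the port NAT-T (RFC 3947/3948) uses to carry both IKE and UDP-encapsulated ESP through a PAT device. The Python below is an added example, not part of any post in the thread; the function names and sample payloads are constructed for illustration. It classifies what a firewall would see on UDP 500 and UDP 4500.

```python
import struct
from collections import Counter

IKE_PORT = 500                  # plain IKE/ISAKMP
NAT_T_PORT = 4500               # IKE and ESP-in-UDP once NAT is detected
NON_ESP_MARKER = b"\x00" * 4    # prefixes IKE on 4500 (RFC 3948)
NAT_KEEPALIVE = b"\xff"         # one-byte keepalive holding the PAT mapping open

def classify(port, payload):
    """Classify a UDP payload seen on the server-side port `port`."""
    if port == IKE_PORT:
        return "ike"
    if port != NAT_T_PORT:
        return "other"
    if payload == NAT_KEEPALIVE:
        return "nat-keepalive"
    if len(payload) < 8:        # too short for marker+IKE or SPI+sequence
        return "malformed"
    if payload[:4] == NON_ESP_MARKER:
        return "ike-over-nat-t"
    return "esp-in-udp"         # first 4 bytes are a non-zero ESP SPI

def esp_spi(payload):
    """Return the SPI of a UDP-encapsulated ESP payload."""
    return struct.unpack("!I", payload[:4])[0]

def summarize(packets):
    """Count traffic classes over (port, payload) tuples."""
    return Counter(classify(port, data) for port, data in packets)

# Constructed samples: a bare 28-byte IKEv1 header and an ESP header plus padding.
IKE_HDR = (bytes.fromhex("1122334455667788") + bytes(8)
           + bytes([1, 0x10, 2, 0]) + struct.pack("!II", 0, 28))
ESP_PKT = struct.pack("!II", 0x1000ABCD, 1) + bytes(16)

SAMPLES = [
    (IKE_PORT, IKE_HDR),                     # negotiation starts on UDP 500
    (NAT_T_PORT, NON_ESP_MARKER + IKE_HDR),  # IKE floats to 4500 behind NAT
    (NAT_T_PORT, ESP_PKT),                   # tunnel data, no IP protocol 50
    (NAT_T_PORT, NAT_KEEPALIVE),
    (NAT_T_PORT, b"\x00\x01"),               # truncated payload
]

if __name__ == "__main__":
    for kind, count in sorted(summarize(SAMPLES).items()):
        print(f"{kind:16} {count}")
```

When NAT-T is in use, tunnel data arrives as `esp-in-udp` on port 4500 rather than as IP protocol 50, so a rule set that permits only UDP 500, ESP and AH does not cover it.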