03-22-2010 02:57 AM
Hey folks,
Got another problem with EasyVPN that requires some assistance.
Or actually, not as much a problem but more a wish.
I saw that easyVPN is able to send the VPN traffic over TCP.
You can also specify the port to use.
vpnclient ipsec-over-tcp port <port number>
Now it would be really great if it would be possible to set up the tunnel over a standard port
that is open on most firewalls: 443
Unfortanetly when i do this:
vpnclient ipsec-over-tcp port 443
The tunnel is gone and wont set itself back up.
Is it possible to do this, and send it over 443 or another standard port?
The errors/messages in the EasyVPN server log:
Built inbound TCP connection 625 for outside:10.1.0.2/1075 (10.1.0.2/1075) to identity:10.0.0.1/443 (10.0.0.1/443)
Teardown TCP connection 625 for outside:10.1.0.2/1075 to identity:10.0.0.1/443 duration 0:00:08 bytes 0 TCP Reset-O
Any ideas on this?
Solved! Go to Solution.
03-22-2010 04:46 AM
Unfortunately can't use any of the well known ports, ie: anything below port 1024.
03-22-2010 03:23 AM
Unfortunately not on port 443. You would need to use TCP port higher than 1024 for the ipsec-over-tcp port#.
TCP/443 is application specific (well known port) for https, therefore you can't use it and most firewall/application inspection device would inspect it as a normal HTTPS traffic and ipsec-over-tcp does not resemble the HTTPS.
03-22-2010 04:44 AM
Yeah thats why 443 would have been great, as it is open pretty much always even at external clients LAN's.
Is there any other common port that can be used?
03-22-2010 04:46 AM
Unfortunately can't use any of the well known ports, ie: anything below port 1024.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide