
Ports needed for VPN Client to PIX VPN Device

unionbancorpit
Level 1

We have a PIX 515 and a 2650 router (outside the PIX). We have a few users who VPN to the PIX from home using the Cisco VPN client. We are trying to tighten the ACL on the outside router so we need to allow the necessary traffic to allow the users to VPN. I am allowing port 47 and 1723 to the firewall's outside IP address but I am unable to connect. Thanks.

1 Reply

a.awan
Level 4

I think you meant protocol 47 but this is GRE while port 1723 is PPTP. I personally think you must be using IPSec and for that to work properly you need to open the following to your firewall:

permit esp any host

permit udp any host eq isakmp

permit udp any host eq non500-isakmp

If this does not work include a line "deny ip any any log" at the end of your access-list and then see what is being denied. It will help you fix the issue.
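
One way to read the output of the "deny ip any any log" line suggested in the reply, as an added example that is not part of the original thread: the script below sorts denied packets addressed to the firewall into the three IPSec traffic types named above and everything else. The log lines are constructed samples in the IOS `%SEC-6-IPACCESSLOGP` / `%SEC-6-IPACCESSLOGNP` style; ACL number 101, the firewall address 192.0.2.10 and the function name are assumptions.

```python
import re
from collections import Counter

# Constructed sample syslog lines in the IOS IPACCESSLOGP / IPACCESSLOGNP style.
# ACL number 101 and all addresses (RFC 5737 documentation ranges) are assumptions.
SAMPLE_LOG = """\
%SEC-6-IPACCESSLOGP: list 101 denied udp 198.51.100.7(500) -> 192.0.2.10(500), 3 packets
%SEC-6-IPACCESSLOGNP: list 101 denied 50 198.51.100.7 -> 192.0.2.10, 12 packets
%SEC-6-IPACCESSLOGP: list 101 denied udp 198.51.100.7(4500) -> 192.0.2.10(4500), 5 packets
%SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.44(51515) -> 192.0.2.10(23), 1 packet
%SEC-6-IPACCESSLOGP: list 101 denied udp 203.0.113.9(40000) -> 192.0.2.99(500), 1 packet
"""

# Ports appear only on tcp/udp lines; other protocols are logged by number.
DENY_RE = re.compile(
    r"list (?P<acl>\S+) denied (?P<proto>\S+) "
    r"(?P<src>[\d.]+)(?:\((?P<sport>\d+)\))? -> "
    r"(?P<dst>[\d.]+)(?:\((?P<dport>\d+)\))?, (?P<count>\d+) packets?"
)

# What the reply's three permit lines cover: ESP (IP protocol 50),
# isakmp (UDP 500) and non500-isakmp (UDP 4500, NAT traversal).
IPSEC = {("50", None): "esp", ("esp", None): "esp",
         ("udp", "500"): "isakmp", ("udp", "4500"): "non500-isakmp"}

def summarize_denies(log_text, firewall_ip):
    """Return (ipsec, other): packet counts of denied traffic to firewall_ip."""
    ipsec, other = Counter(), Counter()
    for line in log_text.splitlines():
        m = DENY_RE.search(line)
        if not m or m["dst"] != firewall_ip:
            continue  # not an ACL deny line, or not aimed at the firewall
        key = (m["proto"], m["dport"])
        if key in IPSEC:
            ipsec[IPSEC[key]] += int(m["count"])
        else:
            other[f"{m['proto']}/{m['dport']}"] += int(m["count"])
    return ipsec, other

if __name__ == "__main__":
    ipsec, other = summarize_denies(SAMPLE_LOG, "192.0.2.10")
    for name, n in ipsec.items():
        print(f"VPN traffic still denied: {name} ({n} packets)")
    for name, n in other.items():
        print(f"unrelated deny: {name} ({n} packets)")
```

Any entry in the first group means the matching permit line is missing or sits below an earlier deny in the access-list.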