Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
449
Views
0
Helpful
1
Replies

VPN - Authentication flow and ports used

8kpan
Level 1
Level 1

‎07-23-2004 06:55 PM

Our company plans to implement a new IPSec VPN solution. Details are as follows:

Equipment involved:

VPN 3030 concentrator, Cisco ACS server, 2 ACE servers, 2 Firewalls

In my understanding, the authentication flow of a VPN client will look like:

VPN client -> |FW| -> VPN 3030 -> ACS server -> ACE server

Is my understanding correct?

In each of the interaction, do you know which ports will going to be used?

Please kindly help.

Labels:
0 Helpful
1 Reply 1

aacole
Level 5
Level 5

‎07-27-2004 05:48 AM

One solution would use:

ISAKMP using UDP 500, ESP using IP Protocol 50. Also enable NAT-T using UDP 4500 if the VPN tunnel goes over a PAT device.

For the ACS, you could use RADIUS for authentication in which case UDP 1812 and if you want accounting then UDP 1813, this should suffice.

0 Helpful
Customers Also Viewed These Support Documents