VPN Behind A Firewall

kendo.igor
Level 1

We have a PIX 515E as our firewall. We have a second PIX that we are planning to set up behind the firewall as a dedicated VPN. What ports and protocols do I have to allow through the firewall so that the mobile users can make a VPN connection to the PIX serving as a VPN? I'm going to use IPSec and L2TP.

Thanx.

1 Reply

gfullage
Cisco Employee

You'll need a one-to-one static address translation for the inside PIX. Then allow the following:

IPSec:

UDP port 500

IP protocol 50

IP protocol 51

L2TP:

UDP port 1701

To allow the IP protocol traffic for IPSec through, the access-list looks like the following:

access-list 100 permit 50

access-list 100 permit 51

The PIX will change these numbers to "esp" and "ah" respectively.
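
The reply above written out as a configuration for the outer PIX, as an added example that is not part of the original reply. The addresses are constructed (203.0.113.10 as the public address, 192.168.1.10 as the outside interface of the inner VPN PIX), and the interface names `inside` and `outside` and the binding of access-list 100 to the outside interface are assumptions.

```cisco
: Added example. Addresses are constructed placeholders, not from the thread.
: 203.0.113.10 = public address presented to mobile users
: 192.168.1.10 = outside interface of the inner (VPN) PIX

: One-to-one static translation for the inner PIX
static (inside,outside) 203.0.113.10 192.168.1.10 netmask 255.255.255.255

: IPSec: IKE on UDP 500, plus IP protocols 50 (ESP) and 51 (AH)
access-list 100 permit udp any host 203.0.113.10 eq 500
access-list 100 permit esp any host 203.0.113.10
access-list 100 permit ah any host 203.0.113.10

: L2TP: UDP 1701
access-list 100 permit udp any host 203.0.113.10 eq 1701

: Apply the list to traffic arriving on the outside interface.
: Assumption: access-list 100 is the list used on outside. If another
: list is already bound there, add the permit lines to that list
: instead, since an interface takes one inbound access-list.
access-group 100 in interface outside
```

Each permit names the translated address as the destination, so only the VPN PIX is reachable on these ports and protocols; `show access-list 100` lists per-entry hit counts for checking that client traffic is matching.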