Re: [fw-wiz] Cisco VPN client behind a Netscreen

From: Ravi Kumar (ravivsn_at_roc.co.in)
Date: 11/06/03

  • Next message: Luigi Mori: "Re: [fw-wiz] Cisco VPN client behind a Netscreen"
    To: Aram Smith <aram.smith@appiancorp.com>
    Date: 06 Nov 2003 10:25:48 +0530
    
    

    Hi,
    Any edge router, when it needs to service IPSec traffic to its LAN machines,
    should have port 500 open for incoming traffic for IKE to negotiate. Also
    open the ESP and AH protocols for incoming traffic.

    Hope this helps,
    Best Regards,
    Ravi
    Rendezvous On Chip (i) Pvt Ltd,
    Hyderabad,
    INDIA.
    http://www.roc.co.in

    On Wed, 2003-11-05 at 23:43, Aram Smith wrote:
    > I have recently implemented a Netscreen 50 and I have users behind it that use a Cisco VPN client to connect to a Cisco Pix which I have no control over. Their VPN client is not functioning properly. Currently I have a policy allowing outbound traffic any from all inside. Does anyone know if I also need to create an IPSEC policy for inbound traffic? Thanks, Aram Smith
    > _______________________________________________
    > firewall-wizards mailing list
    > firewall-wizards@honor.icsalabs.com
    > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


