RE: [cobalt-users] VPN again...
- Subject: RE: [cobalt-users] VPN again...
- From: BSmith@xxxxxxxxxxx
- Date: Thu Nov 14 09:31:02 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
-----Original Message-----
From: Santiago Montalvan [mailto:smontalvan@xxxxxxxxxxxxxxxxx]
Subject: [cobalt-users] VPN again...
I am trying to set up a remote access VPN with a Qube3 but it is not working;
it cannot authenticate users for some reason. My Qube3 is behind a Cisco
PIX firewall. What ports should I open to allow VPN traffic? TCP 1723 and
what else?
Any help would be appreciated.
Santiago.
______________________________
If you are using an IPSEC tunnel, then read the following quote from
Freeswan:

"If firewalls filter out:
  - either the UDP port 500 packets used in IKE negotiations
  - or the ESP and AH (protocols 50 and 51) packets used to implement the
    IPsec tunnel
then IPsec cannot work. The first thing to check if packets seem to be
vanishing is the firewall rules on the two gateway machines and any other
machines along the path that you have access to."

If you are using the PPTP Tunnel (a whole lot less secure, why bother with a
VPN then?! :-) )

    pptp 1723/tcp pptp
    pptp 1723/udp pptp

I would set up an access on your PIX logging any of your traffic coming from
the Qube3. That way you can see what ports you are using.
Brian Smith
CCNA, NCSA
Network Support Engineer
SOLUSERVE
www.solunet.com
1571 Robert J. Conlan Blvd., Suite 110
Palm Bay, FL 32905
(888)449-5766
fax: (321)-676-1287
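
Added example, not part of the original message: a small Python script that applies the logging advice above by scanning firewall deny-log lines for the traffic each VPN type needs. The log format, sample lines, addresses and function names are constructed for illustration (this is not exact PIX syslog output), and GRE (IP protocol 47), which PPTP uses for its tunneled data, is added here and is not mentioned in the thread.

```python
import re

# Traffic each VPN type needs through the firewall. IKE/ESP/AH come from the
# FreeS/WAN quote in the thread and TCP 1723 from the question. GRE (IP
# protocol 47) is an addition: PPTP carries its tunneled data in GRE.
REQUIRED = {
    "ipsec": {("udp", 500): "IKE", ("ip", 50): "ESP", ("ip", 51): "AH"},
    "pptp": {("tcp", 1723): "PPTP control", ("ip", 47): "GRE data"},
}

# Constructed, simplified deny-log format (assumption, not real PIX output):
#   DENY <tcp|udp> <src>:<sport> -> <dst>:<dport>
#   DENY proto <n> <src> -> <dst>
LINE = re.compile(
    r"DENY (?:(?P<l4>tcp|udp) \S+:\d+ -> (?P<dst>\S+):(?P<dport>\d+)"
    r"|proto (?P<num>\d+) \S+ -> (?P<dst2>\S+))$"
)

def blocked_vpn_traffic(lines, gateway):
    """Map each VPN type to the required traffic being denied toward gateway."""
    found = {}
    for line in lines:
        m = LINE.search(line.strip())
        if not m:
            continue  # not a deny line in the assumed format
        if m["l4"]:
            key, dst = (m["l4"], int(m["dport"])), m["dst"]
        else:
            key, dst = ("ip", int(m["num"])), m["dst2"]
        if dst != gateway:
            continue  # deny for some other host, not the VPN gateway
        for vpn, needs in REQUIRED.items():
            if key in needs:
                found.setdefault(vpn, set()).add(needs[key])
    return {vpn: sorted(names) for vpn, names in found.items()}

# Constructed sample log; 192.0.2.10 stands in for the Qube3.
SAMPLE_LOG = """\
DENY udp 203.0.113.7:500 -> 192.0.2.10:500
DENY proto 50 203.0.113.7 -> 192.0.2.10
DENY tcp 203.0.113.7:40112 -> 192.0.2.10:80
DENY proto 47 198.51.100.4 -> 192.0.2.10
DENY tcp 198.51.100.4:1044 -> 192.0.2.99:1723
""".splitlines()

if __name__ == "__main__":
    for vpn, names in blocked_vpn_traffic(SAMPLE_LOG, "192.0.2.10").items():
        print(f"{vpn}: firewall is dropping {', '.join(names)}")
```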