Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Configuring firewall for access a webbase application

From: "Hilal Hussein" <hilalma () hotmail com>
Date: Wed, 21 May 2003 11:12:58 +0000

Dear Sir,
I would like to extend my thanks to you for the very informative discussion list, and I would to ask for a solution for the bellow senario.
I have an internal network, i created a VPN session using microsoft pptp VPN, and tried to connect to webbase application "Galileo", it failed. It gives an error message saying that port required for this connection is closed.
the port required for the connection is 1723 mapped by protocol 47. Once we open the required port for the web application connectivity, a map (real ip to local ip) is needed, so that the local ip will be the gateway where the VPN connection will be created and shared to all internal users.
Question: I need to know what I have to change in the firewall - Cisco PIX 520 5.0(2) – and how to do these changes in order to be able to access the website from my internet network, 



With regards,

Hilal Hussein

------------------------------------------------------------------------------------------------------------------------------------------

Configuring a Firewall for Access via the Internet/VPN
NOTE: This configuration should only be used when access to the reservation system is via a dial-up or dedicated Internet connection. If you are accessing the reservation system via a circuit provided by Galileo, refer to page 5 – Configuring a Firewall for Dedicated TCP/IP Circuit. Follow the instructions based on the client you are using (PPTP or IPSec). 

PROTOCOLS:


      PPTP: GRE (Protocol 47 mapped to port 1723) – Microsoft PPTP VPN ONLY

PORTS:  (PAT-Port Address Translation is NOT permitted)
PPTP Switch: 1723 / TCP Traffic / Outbound Only (Microsoft PPTP VPN ONLY. Not necessary for IPSec clients.) 

DNS SUPPORT:  (Must be able to PING from the client workstation:)

           Microsoft PPTP VPN Client:    PING vpn.galileo.com
Device Galileo® System Apollo® System 
PPTP VPN Switch      vpn.galileo.com             vpn.galileo.com
                                   12.17.202.16               12.17.202.16

Config Servers           vpnipcs.galileo.com       vpnipcs.galileo.com
                                   172.20.200.2               172.20.200.2

IP Concentrators       vpnipc.galileo.com        vpnipc.galileo.com
                                   172.20.200.1               172.20.200.1

_________________________________________________________________
Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: