Firewall Wizards mailing list archives

Re: Cisco VPN client behind a Netscreen

From: Ravi Kumar <ravivsn () roc co in>
Date: 06 Nov 2003 10:25:48 +0530

Hi,
 Any Edge router when needs to service IPSec traffic to its LAN machines
should have 500 port open for incoming traffic for IKE to negotiate. And
also open ESP and AH protocols for incoming traffic.

Hope this helps,
Best Regards,
Ravi
Rendezvous On Chip (i) Pvt Ltd,
Hyderabad,
INDIA.
http://www.roc.co.in

On Wed, 2003-11-05 at 23:43, Aram Smith wrote:

I have recently implemented a Netscreen 50 and I have users behind it that use a Cisco VPN client to connect to a 
Cisco Pix which I have no control over. Their VPN client is not functioning properly. Currently I have a policy 
allowing outbound traffic any from all inside. Does anyone know if I also need to create an IPSEC policy for inbound 
traffic? Thanks, Aram Smith
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Cisco VPN client behind a Netscreen Aram Smith (Nov 05)
- Re: Cisco VPN client behind a Netscreen Ravi Kumar (Nov 06)
- Re: Cisco VPN client behind a Netscreen Luigi Mori (Nov 06)
- RE: Cisco VPN client behind a Netscreen List Account (Nov 06)
- <Possible follow-ups>
- RE: Cisco VPN client behind a Netscreen Melson, Paul (Nov 06)
  - RE: Cisco VPN client behind a Netscreen Andy Lyakhovetskiy (Nov 11)