Firewall Wizards mailing list archives

IBM SecureWay 4.1 issue with Cisco VPN client


From: "Kyle King" <KKing () Bankshill com>
Date: Mon, 1 Mar 2004 11:37:37 -0800

Hello everyone, I'm just a new person to the world of firewalls (corporately),
and even the knowledge that I have gained has been mostly from small
personal clients like ZoneAlarm. You all will probably be seeing me make
replies somewhat often, and I hope my meager knowledge will help someone in
the future.

However, it seems I already have a problem of my own, and I was wondering if
maybe someone here could help me?

Currently, I have to connect our computers inside our IBM SecureWay 4.1
firewall, using the Cisco VPN client version 4.0.3 to a server for use with
a .Net development that's on the VPN network. Basically, we have to connect
our computers to the other server that has all the databases our .Net tools
will access.

Now IBM SecureWay has VPN support set up, but it's only for direct
tunneling, i.e. from the firewall to another firewall. We must use the Cisco
VPN client. After some research, I have found that the client uses UDP 500,
and UDP 4500 (and sometimes UDP 10000) for its connection. So I created
custom rules on the firewall to allow those ports open for the computers
running the client. This allowed me to successfully sign in to the server
that's running the VPN host. However, I cannot see the other computers
running on that network (as I should be able to over a VPN). Also, the .Net
tools do not get a reply from the databases we try to access. When I look at
the statistics page that the Cisco VPN client produces, the field labeled
'bytes received' stays at 0.

The next logical course of action is to determine if the problems aren't at
my end. So I removed a computer from the firewall (let it be its own entity
in the open world) and ran the VPN client again. It connected perfectly, and
when using the .Net tools everything worked fine. I also could see the other
computers in the Virtual Network.

Well, I'd appreciate any help. I'm just a trained C++ programmer with
network admin training, thrust into a firewall controller's job 3 weeks ago.

Kyle King
Banks-Hill Systems Ltd.
email: KKing () bankshill com
Phone: (780) 488 6100 ext. 242
Fax: (780) 488 4550
www.bankshill.com
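
An added example, not part of the original post: the symptom described above (sign-in succeeds, 'bytes received' stays at 0) can be checked from a packet capture taken at the firewall by separating key-exchange packets from tunnel-data packets in each direction. It goes beyond the ports named in the post by also recognising native ESP (IP protocol 50) and the UDP 4500 framing of RFC 3948; the addresses and sample packets are constructed, and counting UDP 10000 as tunnel data is an assumption.

```python
import socket
import struct
from collections import Counter

DATA = ("esp", "esp-in-udp", "udp-10000")  # udp-10000 as tunnel data is an assumption
def classify(pkt):                       # label one raw IPv4 packet by its IPsec role
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return "other"
    ihl, proto = (pkt[0] & 0x0F) * 4, pkt[9]
    if proto == 50:                      # native ESP: an IP protocol, no UDP port
        return "esp"
    if proto != 17 or len(pkt) < ihl + 8:
        return "other"
    ports = struct.unpack("!HH", pkt[ihl:ihl + 4])
    payload = pkt[ihl + 8:]
    if 500 in ports:
        return "ike"
    if 4500 in ports:                    # NAT-T framing per RFC 3948
        if payload == b"\xff":
            return "keepalive"
        return "ike" if payload[:4] == b"\x00" * 4 else "esp-in-udp"
    return "udp-10000" if 10000 in ports else "other"

def summarize(packets, client_ip):       # count (direction, label); "out" = sent by client
    counts = Counter()
    for pkt in packets:
        if len(pkt) >= 20:
            out = socket.inet_ntoa(pkt[12:16]) == client_ip
            counts[("out" if out else "in", classify(pkt))] += 1
    return counts

def inbound_data_missing(counts):        # data leaves the client, none comes back
    sent = sum(counts[("out", k)] for k in DATA)
    return sent > 0 and sum(counts[("in", k)] for k in DATA) == 0

def ipv4(src, dst, proto, payload):      # helper that builds constructed sample packets
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst)) + payload
def udp(sport, dport, data):
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data

C, G = "192.0.2.10", "198.51.100.1"      # constructed client and gateway addresses
SAMPLE = [                               # constructed capture: replies stop after IKE
    ipv4(C, G, 17, udp(500, 500, b"\x11" * 28)),
    ipv4(G, C, 17, udp(500, 500, b"\x22" * 28)),
    ipv4(G, C, 17, udp(4500, 4500, b"\x00" * 4 + b"\x22" * 28)),
    ipv4(C, G, 17, udp(4500, 4500, b"\x12\x34\x56\x78" + b"\x00" * 20)),
    ipv4(C, G, 17, udp(4500, 4500, b"\xff")),
]
```

Calling `inbound_data_missing(summarize(SAMPLE, C))` returns `True` for this capture: key exchange is seen in both directions, but tunnel data is seen only outbound.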

