Assuming you mean that the client is behind a firewall trying to connect to
a different firewall elsewhere...
First, you must configure static nat for the host running the client, so
that the client has it's own legal IP address for the Internet. IKE/ISAKMP
communicates from port 500 to port 500. PAT breaks this, so NAT is
required. You then need to pass PROTOCOLS 50 and 51, NOT port numbers.
ESP and AH are just like ICMP, they have there own protocol numbers.
That's it,
Rodgers Moore
""Denao Ruttino"" <[EMAIL PROTECTED]> wrote in message
8op2h5$9ro$[EMAIL PROTECTED]">news:8op2h5$9ro$[EMAIL PROTECTED]...
> Does anyone know which ports I need to open up on a firewall to allow the
> Cisco VPN client to work?
>
> TIA
>
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
