If your running radius authentication don't you also have to open up 1812 &
1813 ? Or is this done off of another interface and not the inbound IPsec
port ( I don't know, I don't have a Pix) ?
""Kane, Christopher A."" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Actually, you have it backwards. AH = port 51. ESP = port 50.
>
> Christopher A. Kane, CCNP
> Senior Network Control Tech
> Router Ops Center/Hilliard NOC
> UUNET
> (614)723-7877
>
>
>
> -----Original Message-----
> From: Rizzo Damian [mailto:[EMAIL PROTECTED]]
> Sent: Friday, March 30, 2001 12:19 PM
> To: 'Ruihai An'; [EMAIL PROTECTED]
> Subject: RE: IPsec port
>
>
> AH-port 50, ESP-port 51 and ISAKMP-port 500
>
>
>
> -----Original Message-----
> From: Ruihai An [mailto:[EMAIL PROTECTED]]
> Sent: Friday, March 30, 2001 12:05 PM
> To: [EMAIL PROTECTED]
> Subject: IPsec port
>
>
> I configured my PIX as the IPsec VPN terminator to support DES VPN client.
> I have an inbound access-list on my perimeter router. Does any one know
> the ports I need to open for IPsec VPN traffic on my perimeter router ?
>
> Ruihai
>
>
> _________________________________
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> _________________________________
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
