Thanks for the correction on ISAKMP! I knew that the second I saw your
post, but sometimes my fingers get typing faster than my head is really
thinking.
--
Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
List email: [EMAIL PROTECTED]
Homepage: http://jason.artoo.net/
Cisco resources: http://r2cisco.artoo.net/
"Rizzo Damian" <[EMAIL PROTECTED]> wrote in message
49C181ACF35ED311A7DC00508B5AF61102E52563@NAEXCHANGE">news:49C181ACF35ED311A7DC00508B5AF61102E52563@NAEXCHANGE...
> Actually your both right, PPTP (microsoft VPN) uses IP protocol 47 (GRE)
and
> TCP port 1723. However ISAKMP uses UDP port 500, not TCP.
>
>
> -Rizzo
>
>
>
> -----Original Message-----
> From: cisco.groupstudy.com [mailto:[EMAIL PROTECTED]]
> Sent: Monday, April 02, 2001 10:19 AM
> To: [EMAIL PROTECTED]
> Subject: Re: IPsec port
>
>
> Just to add to what you've stated:
>
> GRE uses control port 1723.
>
> -Scott M. Trieste
>
>
> ""J Roysdon"" <[EMAIL PROTECTED]> wrote in message
> 9a96ge$rt5$[EMAIL PROTECTED]">news:9a96ge$rt5$[EMAIL PROTECTED]...
> > The names and numbers are correct, but as someone else pointed out a few
> > posts back, it's not a port number, but a protocol number.
> >
> > Protocols:
> > 6 TCP
> > 17 UDP
> > 47 GRE (PPTP requirement)
> > 50 ESP
> > 51 AH
> >
> > Just to delve a little further about security protocols, ISAKMP does use
> > TCP/500, and you'll need it too.
> >
> > Bookmark 'em:
> > ftp://ftp.isc.org/pub/rfc/rfc1700.txt
> > http://www.isi.edu/in-notes/iana/assignments/port-numbers
> >
> > --
> > Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
> > List email: [EMAIL PROTECTED]
> > Homepage: http://jason.artoo.net/
> > Cisco resources: http://r2cisco.artoo.net/
> >
> >
> > ""Kane, Christopher A."" <[EMAIL PROTECTED]> wrote in message
> >
>
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Actually, you have it backwards. AH = port 51. ESP = port 50.
> > >
> > > Christopher A. Kane, CCNP
> > > Senior Network Control Tech
> > > Router Ops Center/Hilliard NOC
> > > UUNET
> > > (614)723-7877
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: Rizzo Damian [mailto:[EMAIL PROTECTED]]
> > > Sent: Friday, March 30, 2001 12:19 PM
> > > To: 'Ruihai An'; [EMAIL PROTECTED]
> > > Subject: RE: IPsec port
> > >
> > >
> > > AH-port 50, ESP-port 51 and ISAKMP-port 500
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: Ruihai An [mailto:[EMAIL PROTECTED]]
> > > Sent: Friday, March 30, 2001 12:05 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: IPsec port
> > >
> > >
> > > I configured my PIX as the IPsec VPN terminator to support DES VPN
> client.
> > > I have an inbound access-list on my perimeter router. Does any one
> know
> > > the ports I need to open for IPsec VPN traffic on my perimeter router
?
> > >
> > > Ruihai
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
