Hello,
A secure remote question.
At what point does Secure Remote create a VPN encrypted tunnel, does it send
and receive encrypted data after "negotiate encryption and authentication
information" has been negotiated or only after the "Key Install has reached
its destination"
*-----------* *-----------*
| Client |___<Bi-directional TCP, UDP and IP>___| FW-1 |
| | Internet | |
*-----------* *-----------*
Secure remote Authentication process
SecuRemote requires the following ports and protocols to be allowed by any
intermediary device (routers, firewalls).
1 - TCP port 256 between client and FW-1. This is only needed to fetch and
update the site information and will always originate from the SecuRemote
client
2 - UDP port 259 to negotiate encryption and authentication information.
3 - UDP port 500 to negotiate encryption keys when ISAKMP is used.
4 - IP Protocol 50 bi-directional when ISAKMP is used. (Key Install)
Best regards,
Mat.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
