Hello ! The key exchange (IKE) is UDP port 500 and the transport is tunneled in the ESP protocol. If you use SecuRemote SP2 and later behind NAT then the transport is changed to IPSecUDPEncapsulation (UDP port 2743) Arno Hechenberger citydata -----Ursprüngliche Nachricht----- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Im Auftrag von Jan-Ivar Hansen Gesendet: Samstag, 21. April 2001 14:52 An: [EMAIL PROTECTED] Betreff: [FW1] QoS and VPN Hi all, our network consists of three branchoffices which are connected through a VPN. Our goal is to prioritize the encrypted traffic between the sites in the outside routers. Traffic to the internet is considered lowest priority. Does anybody know which ports these encrypted packets uses, is it a static port number or is it some random generated port number? An other possibility is to tag the packets in the inside routers before encryption occurs, but will the packet then keep the tag after encryption or does the whole packet get encrypted with a new header and tail? We are using CP FW-1 4.1 SP 3 with DES/IKE encryption scheme. Thanks all Jan-Ivar ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
