An IP protocol is not a TCP/UDP port. For instance, PPTP uses IP Protocol 47, but TCP port 1723.
Since the equipment you're configuring is an unknown model of Juniper, these might help: http://www.juniper.net/techpubs/software/junos-security/junos-security95/junos-security-swconfig-security/ipsec-vpn-overview.html http://kb.juniper.net/kb/documents/public/VPN/ScreenOS_Windows_L2TP_IPSec.pdf See especially the links at the bottom of the first page for further info. On Sat, Mar 3, 2012 at 12:44, Pierre Camilleri <pierre.camill...@fosterclark.com> wrote: > Sorry Kurt. I was meant to reply to your message. > Does he have to open then tcp 6 and udp 17 re ESP? > > Thanks > Pierre > > > > I believe you'll need to make sure that IP Protocol 50 is enabled as > well, for ESP. > > http://en.wikipedia.org/wiki/Layer_2_Tunneling_Protocol > > On Sat, Mar 3, 2012 at 04:33, Pierre Camilleri > <pierre.camill...@fosterclark.com> wrote: >> Hi everyone >> >> I wonder if someone could help me solve this issue. A friend of mine is >> having issues when trying to connect to his office network using a vpn >> connection with L2TP. He is using Windows 7 Ultimate and the office server >> is running MS SBS 2010. He can't just get this vpn connection to work. All >> the required ports are opened on the Juniper firewall i.e. udp ports 4500, >> 500 and 1701. > > Any idea what could be wrong and where to check further? >> >> TIA >> Pierre >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ > > or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin