Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Ports for Cisco VPN 3000 Series

from [Harjith] Network Security [Permanent Link]
Subject: RE: Ports for Cisco VPN 3000 Series
Date: Thu, 15 Sep 2005 12:23:46 +0530 
Hi Mark, 

Client less VPN, does he mean SSL VPN clients. 

ESP : IP Protocol 50. Is it like TCP port 50. Could you explain more
about this.

-harjith 


-----Original Message-----
From: Mark Lewis [mailto:mark@mjlnet.com] 
Sent: Wednesday, September 14, 2005 2:00 AM
To: Doug Fox
Cc: firewalls@securityfocus.com
Subject: Re: Ports for Cisco VPN 3000 Series


Ports relevant for IPsec VPNs:

ISAKMP traffic- UDP port 500.
ESP traffic- IP protocol 50.
AH traffic- IP protocol 51. Note that the Cisco VPN 3000 concentrator
does not support AH.

IPsec NAT traversal (depending on how you configure it):

Industry standard NAT-T uses UDP port 4500.
IPsec over a user defined TCP port (10000, by default, on the Cisco VPN
3000 concentrator). IPsec over a user defined UDP port (10000, by
default, on the Cisco VPN 3000 concentrator).


SSL clientless VPNs:

TCP port 443 (HTTPS).


Hope that helps,

Mark




---- Original message ----

Date: Thu, 8 Sep 2005 20:28:45 -0400
From: "Doug Fox" <dfox168@hotmail.com>
Subject: Ports for Cisco VPN 3000 Series  
To: <firewalls@securityfocus.com>

  Which ports should I open on the firewall allowing
  "Site to Site" and "Client to Site" IP Sec VPNs as
  well as Clientless VPNs?
   
  By the way, can this Cisco VPN be placed in the DMZ
  or behind the firewall on the internal network?
   
  Any info/pointers are much appreciated.
   
  Thanks,
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Pix dynamic VPN, Ian Morgan
Next by Date:  RE: Ports for Cisco VPN 3000 Series, dave kleiman
Previous by Thread:  Re: Ports for Cisco VPN 3000 Series, Mark Lewis
Next by Thread:  RE: Ports for Cisco VPN 3000 Series, dave kleiman
Indexes:  [Date] [Thread] [Top] [All Lists]