Re: tcp port 500

Uhh. read the error? it says UDP.

ISAKMP is done over UDP port 500, not TCP.

-Kurt

----- Original Message ----- 
From: "XAVIER FERNANDEZ CINTORA" <xfernandez@mexis.net>
To: <firewalls@securityfocus.com>
Sent: Friday, February 03, 2006 1:54 PM
Subject: tcp port 500


Hi to all....

I have a problem with watchguard FW´s, i have configured my central FW
with VPN´s LAN to LAN, but suddenly the new VPN´s cannot connect to the
central. In the logs I saw
"deny in eth0 360 udp 20 123 x.x.x.x y.y.y.y 500 500 default"
so I suppose that the 500 TCP port (500/tcp isakmp) is being denied and
the only solution is a hard reset to the central.
Does anyone have the same problem??
Can anybody offer any advice?

Thanks in advance.