The Cisco VPN client requires both port 50 and 500 open. I have tried using ENS to configure these ports but still cannot hit the Cisco router. I then tried to create the open ports as a Service, but port 500 will not allow my internal or external IP to be used.
Anyone know a solution or have experience hitting Cisco routers?
Thanks in advance.
VPN through Wingate with Cisco VPN Client
Moderator: Qbik Staff
5 posts
• Page 1 of 1
by erwin » Apr 29 04 2:27 pm
Hi Christo
Is the Cisco vpn client attempting to VPN to a remote location from behind WinGate.? If this is the case then WinGate will automatically open these ports to allow the connection out.
If the connection is being made from the Internet to a Cisco Vpn behind WinGate then you will need to open up ports 50 and 500 in the Port Security tab in ENS and set the "Redirect packet" option to the IP of the Cisco VPN /Router that is sitting behind WinGate. This way all incoming packets coming in on those ports will be sent straight the Cisco VPN/router.
Does these to options sound like your scenario? If not let us know a bit more detail of the way it is setup then we can see if it can be sorted.
Hope this helps
Regards
Erwin
Is the Cisco vpn client attempting to VPN to a remote location from behind WinGate.? If this is the case then WinGate will automatically open these ports to allow the connection out.
If the connection is being made from the Internet to a Cisco Vpn behind WinGate then you will need to open up ports 50 and 500 in the Port Security tab in ENS and set the "Redirect packet" option to the IP of the Cisco VPN /Router that is sitting behind WinGate. This way all incoming packets coming in on those ports will be sent straight the Cisco VPN/router.
Does these to options sound like your scenario? If not let us know a bit more detail of the way it is setup then we can see if it can be sorted.
Hope this helps
Regards
Erwin
- erwin
- Qbik Staff
- Posts: 408
- Joined: Sep 03 03 2:54 pm
by Christo » May 11 04 4:11 am
We are trying to connect to the external Cisco Router from behind Wingate. I have opened a hole through ENS for both ports 50 and 500 but the connection still fails with a;
'secure vpn connection terminated locally by the client
Reason: the remote peer is no longer responding'
The Cisoco router shows no hits from our Wingate server.
Thanks.
'secure vpn connection terminated locally by the client
Reason: the remote peer is no longer responding'
The Cisoco router shows no hits from our Wingate server.
Thanks.
Christo Lee
- Christo
- Posts: 8
- Joined: Mar 26 04 8:33 am
by erwin » May 11 04 1:52 pm
Hi Christo
Thanks for the extra details.
As I said in my previous post if clients are connecting out from behind WinGate then WinGate will open the approriate ports for the connection to the remote Cisco router and should allow the corresponding reply traffic from the Router back in to the client machine.
Just one thought. Are the Clients/Router using IPsec in this connection?
Unfortunately WinGate currently does not support the handling of IPsec traffic through its firewall although this is something we are working on for release in the near future. Is it possible to run a "non IPSec" Cisco VPN and see if this works?
Regards
Erwin
Thanks for the extra details.
As I said in my previous post if clients are connecting out from behind WinGate then WinGate will open the approriate ports for the connection to the remote Cisco router and should allow the corresponding reply traffic from the Router back in to the client machine.
Just one thought. Are the Clients/Router using IPsec in this connection?
Unfortunately WinGate currently does not support the handling of IPsec traffic through its firewall although this is something we are working on for release in the near future. Is it possible to run a "non IPSec" Cisco VPN and see if this works?
Regards
Erwin
- erwin
- Qbik Staff
- Posts: 408
- Joined: Sep 03 03 2:54 pm
5 posts
• Page 1 of 1
Who is online
Users browsing this forum: Google [Bot] and 6 guests