I just went ahead and bought a NetScreen firewall.
Talk about being strict about data, and forwarding (also known as VIP on NS)
What kind of ports are used fDoes it use the default port aswell, or is this one just for servers?or outgoing traffic from the client?
What are the ports used on a client?
Moderator: Qbik Staff
7 posts
• Page 1 of 1
What are the ports used on a client?
by pantrax » May 04 04 3:03 am
- pantrax
- Posts: 14
- Joined: Feb 04 04 2:57 am
by MattP » May 04 04 11:34 am
Hi,
I'm not sure what you're asking? Did you know that WinGate has a built in firewall? Are you trying to run a second firewall on the WinGate server? If so then you can expect to have conflicts that will result in strange problems.
Thanks,
Matt
I'm not sure what you're asking? Did you know that WinGate has a built in firewall? Are you trying to run a second firewall on the WinGate server? If so then you can expect to have conflicts that will result in strange problems.
Thanks,
Matt
- MattP
- Qbik Staff
- Posts: 991
- Joined: Sep 08 03 4:30 pm
by pantrax » May 04 04 9:19 pm
Right. Allow me to clarify.
I bought a standalone firewall, this is not software. It's acting as the entire networks firewall from the outside and in.
I am not running extra firewalls, infact I belive i switched off the firewall which is provided by Wingate VPN.
I have checked the internal servers settings, by connecting to the wingate vpn server from within the network, and by the fact that everything was working ok before i switched from a Linksys router with firewall to the Netscreen 5GT firewall.
Product information is found at www.netscreen.com
My current set up is tcp, source low and high 1024-65535 to destination 809-809. Source is what port the outside client would use, while destination decided what port it tries to connect.
Even though this is set up I still haven't had any luck. They aren't using port forwarding as I'we known it up untill now, but some advanced thing called Virtual IP, or VIP. Which acts in the same way, just more complicated.
I bought a standalone firewall, this is not software. It's acting as the entire networks firewall from the outside and in.
I am not running extra firewalls, infact I belive i switched off the firewall which is provided by Wingate VPN.
I have checked the internal servers settings, by connecting to the wingate vpn server from within the network, and by the fact that everything was working ok before i switched from a Linksys router with firewall to the Netscreen 5GT firewall.
Product information is found at www.netscreen.com
My current set up is tcp, source low and high 1024-65535 to destination 809-809. Source is what port the outside client would use, while destination decided what port it tries to connect.
Even though this is set up I still haven't had any luck. They aren't using port forwarding as I'we known it up untill now, but some advanced thing called Virtual IP, or VIP. Which acts in the same way, just more complicated.
- pantrax
- Posts: 14
- Joined: Feb 04 04 2:57 am
by pantrax » May 05 04 8:49 pm
I managed to get it working with some help from the tech support guys at netscreen, great guys.
The reason for it not working was that i needed some changes in the policy from untrust to trust. For any other users that may have this problem, remember to have the destination address VIP(1) and not the internal server ip, which I thought it would be.
And ofcourse, create a custom service. Ports used tcp/udp 1024 - 65535 source. destination 809 by default.
I started this post because I needed to find out what ports a client would use when sending out requests, atleast I thougth so. It worked just as good opening for all the "random" ports.
The reason for it not working was that i needed some changes in the policy from untrust to trust. For any other users that may have this problem, remember to have the destination address VIP(1) and not the internal server ip, which I thought it would be.
And ofcourse, create a custom service. Ports used tcp/udp 1024 - 65535 source. destination 809 by default.
I started this post because I needed to find out what ports a client would use when sending out requests, atleast I thougth so. It worked just as good opening for all the "random" ports.
- pantrax
- Posts: 14
- Joined: Feb 04 04 2:57 am
by adrien » May 06 04 11:48 am
If your WinGate VPN client is behind this netscreen firewall connecting out, then it needs to be able to connect out to destination port 809 TCP and UDP, however the source ports will be allocated by the OS, and change every time (normally in the range 1024 - 4096)
If you are connecting in to a VPN server behind the netscreen, you would need to open port 809 TCP and UDP again and forward these to the internal machine running the VPN server.
Adrien
If you are connecting in to a VPN server behind the netscreen, you would need to open port 809 TCP and UDP again and forward these to the internal machine running the VPN server.
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
7 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 10 guests