[afnog] VPN Port Number
Philip Smith
pfs at cisco.com
Mon Aug 2 20:55:09 EAT 2004
If you are using outbound and inbound ACLs at the moment, then if you add
the "log" option to the last deny it will show which connection attempts
are blocked. If you know the IP addresses of the clients and of the server
in France, you can match those in the ACL logs, and then simply add them to
your permit portion of the ACLs.
I couldn't hazard a guess as to which port, or ports, it could be though -
completely depends on the VPN client and termination point in France. (My
router sitting here at home has these two lines:
access-list 100 permit udp any eq isakmp any eq isakmp
access-list 100 permit esp any any
which does the necessary for Cisco VPN client/server. YMMV of course!)
philip
--
At 09:44 02/08/2004 +0100, Mensah K. Agbessitse wrote:
>The only thing I know is that they configured the clients (Windows 2k) here
>and dial into a server in France.
>And to protect my network, I need to put ACL. The router I used was Cisco831
>with IOS: c831-k9o3y6-mz.123-2.XC2.bin which does not have ipsec command
>hence need to specify a port instead of a name.
>
>Thank.
>
>Bruno.
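
The log-then-permit approach from the message above, as an added example (not part of the original post and not written by either poster): it filters the router's deny-log lines down to traffic between the known VPN clients and the server and prints candidate permit entries with numeric protocol and port values. The addresses, ACL number 100 and function names are constructed for illustration; the log line layout assumed is the standard IOS %SEC-6-IPACCESSLOGP / IPACCESSLOGNP form.

```python
import re
from collections import Counter

# Constructed sample: syslog lines as emitted when the final deny carries "log".
SAMPLE_LOG = """\
%SEC-6-IPACCESSLOGP: list 100 denied udp 192.0.2.10(500) -> 198.51.100.5(500), 3 packets
%SEC-6-IPACCESSLOGNP: list 100 denied 50 192.0.2.10 -> 198.51.100.5, 12 packets
%SEC-6-IPACCESSLOGP: list 100 denied tcp 203.0.113.77(4312) -> 192.0.2.10(445), 1 packet
%SEC-6-IPACCESSLOGP: list 100 denied udp 192.0.2.11(500) -> 198.51.100.5(500), 2 packets
"""

# IPACCESSLOGP lines carry ports; IPACCESSLOGNP lines (e.g. ESP, protocol 50) do not.
LOG_RE = re.compile(
    r"%SEC-6-IPACCESSLOGN?P: list \S+ denied (?P<proto>\S+) "
    r"(?P<src>[\d.]+)(?:\(\d+\))? -> "
    r"(?P<dst>[\d.]+)(?:\((?P<dport>\d+)\))?, (?P<count>\d+) packets?"
)

def denied_vpn_flows(log_text, clients, server):
    """Count denied packets per (proto, src, dst, dport) between the known VPN peers."""
    flows = Counter()
    for m in LOG_RE.finditer(log_text):
        src, dst = m["src"], m["dst"]
        # Keep only client<->server traffic, in either direction; everything
        # else that hit the deny stays denied.
        if (src in clients and dst == server) or (src == server and dst in clients):
            flows[(m["proto"], src, dst, m["dport"])] += int(m["count"])
    return flows

def candidate_permits(flows, acl="100"):
    """Render each flow as a permit line to review before adding it to the ACL."""
    lines = []
    for proto, src, dst, dport in sorted(flows, key=lambda f: tuple(x or "" for x in f)):
        line = f"access-list {acl} permit {proto} host {src} host {dst}"
        if dport:  # source ports are left unmatched; only the destination port is pinned
            line += f" eq {dport}"
        lines.append(line)
    return lines

if __name__ == "__main__":
    flows = denied_vpn_flows(SAMPLE_LOG, {"192.0.2.10", "192.0.2.11"}, "198.51.100.5")
    print("\n".join(candidate_permits(flows)))
```

The unrelated tcp/445 attempt in the sample is not turned into a permit, because neither end pairs a known client with the server.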