Solved

Secure Remote NG - What ports does it use??

Posted on 2002-06-28
Last Modified: 2007-11-27
I had to upgrade to Secure Remote NG because the server on the other side was upgraded.  It seems that NG uses a different set of ports to communicate than the older version did.  I am not able to connect to the secure server with my firewall up.  When I bring my firewall down, I can telnet in just fine.

I need to know which ports Secure Remote NG uses to communicate with the server, so I can open them up on my firewall.  I have had a hard time finding this info.

Thanks.
Question by:barthalamu
7 Comments
 
LVL 16

Expert Comment

by:The--Captain
ID: 7119725
I avoid checkpoint for just these reasons [it's crappy], but maybe this link will help...

http://www.firewall-1.org/2002-05/msg00318.html

In any case, can't you just resolve this with an appropriately-situated packet-sniffer?

Cheers,
-Jon





0
 

Author Comment

by:barthalamu
ID: 7120931
I didn't find what I was looking for from that link.  Thanks though.

Yes, I can use a packet sniffer, and will do that if no one knows or knows where to find out the exact ports that Secure Remote NG uses to communicate on.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7121301
If you can't find documentation on the ports in use, then a packet sniffer may be one of your only options - let me know how things proceed...

Cheers.
-Jon
0
 
LVL 1

Expert Comment

by:roman0_mx
ID: 7122613
barthalamu

Download a sniffer / port scanner, for example Nmap (it's free).

And run it against your firewall (or other devices) to see the open ports, and then try these open ports to connect.

http://www.insecure.org/

Ciao.
0
 
LVL 23

Accepted Solution

by:
Tim Holman earned 500 total points
ID: 7125158
No change - should just be the same ones as with 4.1.
From Check Point SecureKnowledge:

Which ports need to be opened for a SecuRemote session to be allowed through a filtering device such as FireWall-1?
 
Solution ID: 3.0.135325.2193947
Creation Date: 06/18/1999
Revised Date: 05/23/2002
 
 
Environment: SecuRemote 4.0, SecuRemote 4.1, SecureClient 4.1, SecuRemote NG, SecureClient NG, VPN-1/ FireWall-1, Ports, Protocol 50, Protocol 51, Protocol 94
 
Symptoms:
Unable to establish SecuRemote session with a remote Firewall-1 through a filtering device
 
Cause:
The filtering device has the following ports blocked:
- TCP Port 264
- TCP Port 256
- UDP Port 259
- UDP Port 500
- Protocol 94, 50 and 51
 
Solution:
1. To download the topology, you need to open TCP port 256, whatever encryption scheme is used.

*  If using SecuRemote 4.1 or NG, then by default the topology will be downloaded on TCP port 264.

*  If using SecuRemote 4.1 with FireWall-1 3.0b or 4.0, SecuRemote will first try to get the topology on port 264; if it is not successful after 30 seconds, it will try on port 256.
See the Solution: Topology Download problems with SecuRemote 4.1/FireWall-1 4.1 to learn more about this issue.

*  If using SecuRemote 3.0 or 4.0 with FireWall-1 4.1, add a rule in FireWall-1, that accepts connections from SecuRemote users to the SecuRemote server on port 256.

2. To establish a connection between SecuRemote Client and the server:
If using the FWZ encryption scheme, open UDP port 259 for the Authentication.

NOTE: If not using encapsulation, create rules to allow the actual traffic.
If using encapsulation, just add one rule allowing traffic on protocol 94 (0x5e) which is the new IP protocol number.
For ISAKMP, open UDP port 500 (ISAKMP service) for Authentication, and allow traffic on protocol 50 (0x32) and 51 (0x33) which are the new protocol numbers for ISAKMP.

NOTE:  If the Firewall in the middle is FireWall-1 then you need to allow IPSEC and fw1-topo services.




0
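The port and protocol list from the accepted answer, applied as a check over firewall drop records to show which SecuRemote function a filtering device is blocking. This is an added example, not part of the original thread or of Check Point's documentation; the log format, the addresses and the function names are constructed for illustration.

```python
import re

# (kind, number) -> purpose, taken from the SecureKnowledge article quoted above
REQUIRED = {
    ("tcp", 264): "topology download (SecuRemote 4.1/NG default)",
    ("tcp", 256): "topology download (older clients, or fallback)",
    ("udp", 259): "FWZ authentication",
    ("udp", 500): "ISAKMP authentication",
    ("ip", 94): "FWZ encapsulated traffic",
    ("ip", 50): "ISAKMP scheme traffic, IP protocol 50",
    ("ip", 51): "ISAKMP scheme traffic, IP protocol 51",
}
# Assumed (constructed) log format: "DROP proto=<tcp|udp|number> dst=<ip> [dport=<n>]"
LINE = re.compile(r"^DROP proto=(\w+) dst=(\S+)(?: dport=(\d+))?$")

def parse(line):
    """Return (dst, (kind, number)) for a DROP line, or None if it does not parse."""
    m = LINE.match(line.strip())
    if not m:
        return None
    proto, dst, dport = m.groups()
    if proto in ("tcp", "udp") and dport:
        return dst, (proto, int(dport))
    if proto.isdigit() and dport is None:
        return dst, ("ip", int(proto))  # bare IP protocol number, no port
    return None

def blocked_requirements(lines, gateway):
    """Count drops toward `gateway` that hit a port/protocol SecuRemote needs."""
    hits = {}
    for line in lines:
        rec = parse(line)
        if rec and rec[0] == gateway and rec[1] in REQUIRED:
            hits[rec[1]] = hits.get(rec[1], 0) + 1
    return hits

# Constructed sample records; 192.0.2.10 stands in for the remote gateway.
SAMPLE = """\
DROP proto=tcp dst=192.0.2.10 dport=264
DROP proto=udp dst=192.0.2.10 dport=500
DROP proto=50 dst=192.0.2.10
DROP proto=tcp dst=192.0.2.10 dport=23
DROP proto=udp dst=198.51.100.7 dport=500
garbage line
""".splitlines()

if __name__ == "__main__":
    for key, n in sorted(blocked_requirements(SAMPLE, "192.0.2.10").items()):
        print(f"{key[0]}/{key[1]}: {n} drop(s) -> {REQUIRED[key]}")
```
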
 

Author Comment

by:barthalamu
ID: 7125230
Thank you so much.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7128220
A packet sniffer would have gotten you your answer in 4 minutes, not four days.

roman0_mx - nmap is not a sniffer, unless you know something I don't.

Kudos to Tim, though, for finding the info...

Cheers,
-Jon
0
