Solved

Secure Remote NG - What ports does it use??

Posted on 2002-06-28
Last Modified: 2007-11-27
I had to upgrade to Secure Remote NG because the server on the other side was upgraded.  It seems that NG uses a different set of ports to communicate than the older version did.  I am not able to connect to the secure server with my firewall up.  When I bring my firewall down, I can telnet in just fine.

I need to know which ports Secure Remote NG uses to communicate with the server, so I can open them up on my firewall.  I have had a hard time finding this info.

Thanks.
0
Question by:barthalamu
7 Comments
 
LVL 16

Expert Comment

by:The--Captain
ID: 7119725
I avoid checkpoint for just these reasons [it's crappy], but maybe this link will help...

http://www.firewall-1.org/2002-05/msg00318.html

In any case, can't you just resolve this with an appropriately-situated packet-sniffer?

Cheers,
-Jon





0
 

Author Comment

by:barthalamu
ID: 7120931
I didn't find what I was looking for from that link.  Thanks though.

Yes, I can use a packet sniffer, and will do that if no one knows or knows where to find out the exact ports that Secure Remote NG uses to communicate on.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7121301
If you can't find documentation on the ports in use, then a packet sniffer may be one of your only options - let me know how things proceed...

Cheers.
-Jon
0

 
LVL 1

Expert Comment

by:roman0_mx
ID: 7122613
barthalamu

Download a sniffer / port scanner, for example Nmap (it's free).

And run it against your firewall (or other devices) to see the open ports, and then try these open ports to connect.

http://www.insecure.org/

Ciao.
0
 
LVL 23

Accepted Solution

by:
Tim Holman earned 500 total points
ID: 7125158
No change - should just be the same ones as with 4.1.
From Check Point SecureKnowledge:

Which ports need to be opened for a SecuRemote session to be allowed through a filtering device such as FireWall-1?
 
Solution ID: 3.0.135325.2193947
Creation Date: 06/18/1999
Revised Date: 05/23/2002
 
 
Environment: SecuRemote 4.0, SecuRemote 4.1, SecureClient 4.1, SecuRemote NG, SecureClient NG, VPN-1/ FireWall-1, Ports, Protocol 50, Protocol 51, Protocol 94
 
Symptoms:
Unable to establish SecuRemote session with a remote Firewall-1 through a filtering device
 
Cause:
The filtering device has the following ports blocked:
- TCP Port 264
- TCP Port 256
- UDP Port 259
- UDP Port 500
- Protocol 94, 50 and 51
 
Solution:
1. To download the topology, you need to open TCP port 256, whatever encryption scheme is used.

*  If using SecuRemote 4.1 or NG, then by default the topology will be downloaded on TCP port 264.

*  If using SecuRemote 4.1 with FireWall-1 3.0b or 4.0, SecuRemote will first try to get the topology on port 264; if it is not successful after 30 seconds, it will try on port 256.
See the Solution: Topology Download problems with SecuRemote 4.1/FireWall-1 4.1 to learn more about this issue.

*  If using SecuRemote 3.0 or 4.0 with FireWall-1 4.1, add a rule in FireWall-1, that accepts connections from SecuRemote users to the SecuRemote server on port 256.

2. To establish a connection between SecuRemote Client and the server:
If using the FWZ encryption scheme, open UDP port 259 for the Authentication.

NOTE: If not using encapsulation, create rules to allow the actual traffic.
If using encapsulation, just add one rule allowing traffic on protocol 94 (0x5e) which is the new IP protocol number.
For ISAKMP, open UDP port 500 (ISAKMP service) for Authentication, and allow traffic on protocol 50 (0x32) and 51 (0x33) which are the new protocol numbers for ISAKMP.

NOTE:  If the Firewall in the middle is FireWall-1 then you need to allow IPSEC and fw1-topo services.




0
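The port list in the answer above, turned into a check against firewall drop records. This is an added example, not code from the answer or from Check Point; the function names, the `key=value` log format and the sample lines are constructed for illustration.

```python
def required_flows(client, gateway, scheme, encapsulation=False):
    """Flows the quoted article lists, written as 'tcp/264', 'udp/500', 'ip/50'."""
    flows = set()
    # Step 1: topology download, following the article's per-version bullets.
    if client in ("4.1", "NG"):
        flows.add("tcp/264")                       # default for 4.1 and NG
        if client == "4.1" and gateway in ("3.0b", "4.0"):
            flows.add("tcp/256")                   # retried after 30 seconds
    else:
        flows.add("tcp/256")                       # SecuRemote 3.0 or 4.0
    # Step 2: authentication and the encrypted traffic itself.
    if scheme == "FWZ":
        flows.add("udp/259")
        if encapsulation:
            flows.add("ip/94")                     # otherwise allow the actual traffic
    elif scheme == "ISAKMP":
        flows.update({"udp/500", "ip/50", "ip/51"})
    else:
        raise ValueError("scheme must be 'FWZ' or 'ISAKMP'")
    return flows


def parse(line):
    """Parse one constructed log line into (action, flow)."""
    action, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields if "=" in f)
    proto = kv.get("proto", "")
    if proto in ("tcp", "udp"):
        return action, f"{proto}/{kv.get('dport')}"
    return action, f"ip/{proto}"                   # bare IP protocol number


def blocked_required(log_lines, needed):
    """Required flows that appear in the log with action DROP."""
    dropped = {flow for action, flow in map(parse, filter(str.strip, log_lines))
               if action == "DROP"}
    return sorted(dropped & needed)


# Constructed sample; 192.0.2.10 is a documentation address standing in for the gateway.
SAMPLE_LOG = [
    "ACCEPT proto=tcp dst=192.0.2.10 dport=264",
    "DROP proto=udp dst=192.0.2.10 dport=500",
    "DROP proto=50 dst=192.0.2.10",
    "DROP proto=udp dst=192.0.2.10 dport=137",
]

if __name__ == "__main__":
    print(blocked_required(SAMPLE_LOG, required_flows("NG", "NG", "ISAKMP")))
```

Drops that are not in the required set (UDP 137 in the sample) are ignored, so the output names only the rules that still need to be opened.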
 

Author Comment

by:barthalamu
ID: 7125230
Thank you so much.
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7128220
A packet sniffer would have gotten you your answer in 4 minutes, not four days.

roman0_mx - nmap is not a sniffer, unless you know something I don't.

Kudos to Tim, though, for finding the info...

Cheers,
-Jon
0
