Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

VPN Client!!!

Posted on 2003-10-21
3
Medium Priority
?
217 Views
Last Modified: 2013-11-16
Hi there,

I'm using a VPN Client to connect into my school's server. I can get connected without any problem. However when i check the statistics for the incoming packets decrypted it says 0. I believe something is blocking the packets. I have a pix 501 at my house. Do you think this could be the reason? Do you have any suggestions?

Thanks for your help.
0
Comment
Question by:mdiez
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 1

Accepted Solution

by:
birksy earned 375 total points
ID: 9595053
Hi,

Given that you've a 501 at home I'm assuming that as you traverse your firewalls interfaces you're going through a private/public address boundary and hence the VPN server at the other end has to support client NAT.

Cisco typically use port 10000/UDP to create the network transport when your client is on a private address, but without knowing what sort of VPN server you're connecting to (e.g. Nortel, Symantec, Cisco) or for that matter whether you're using PPtP or IPSEC (or even an SSL VPN) it's immaterial. Let us know what sort of device you're connecting to and we'll go from there.

In the meantime here's a good place to start looking in terms of passing IPSEC VPN traffic through your firewall:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008009486e.shtml

R.
0
 

Author Comment

by:mdiez
ID: 9595630
Hi there,

Thanks for youe response. My school is running a VPN Cisco Server. And they are using IPSEC. Does this help, or you need more information.

Thanks for your help
0
 
LVL 1

Expert Comment

by:birksy
ID: 9603984
Since you're connecting to another Cisco box things become slightly more simple.

You need to consider opening the following on your Pix:

ESP (50/IP)
ISAKMP (500/UDP)
10000/UDP

You'll also need to configure your Cisco client to do NAT traversal using a UDP transport. The link that I posted above explains how to do the firewall side of this in some detail.

Let me know how you get on, any if you have further problems.

R.
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question