surbit
asked on
Port 10000 problem
Hi all.
I'm using the Cisco VPN client. When I VPN into the network, I need to connect to an application that is running on port 10000 on a host.
I can browse the host's drives, ping it, etc. I can do everything fine except connect to the application (it's MAS200), which is running on port 10000. The host and application are up and running, as users in the LAN are able to connect.
The firewall is a Cisco PIX 501. Is there anything special I have to do to disable some kind of port conflict on port 10000 between the PIX and the VPN client?
ASKER
No, the above comment is incorrect.
When I ping host_a, it resolves to 192.168.1.10, which is the wrong host. In fact, whatever I ping, it resolves to the same 192.168.1.10 address. I can even ping a non-existent host such as adfasfasdfasfsafas and it will resolve to 192.168.1.10. I think this is the problem. Any solution? Thanks.
ASKER CERTIFIED SOLUTION
ASKER
But the LAN users are using the same DNS server and they can resolve all the names properly.
Just permit UDP port 62515 from any host.
This traffic/ports will never be seen with a packet sniffer because this is local to the PC, communication to the loopback address (stuff that occurs between the VPN software's different parts).
Flush your DNS.
Open a command prompt, type ipconfig /flushdns
Your VPN client uses port 10000 to make connections to the VPN concentrator.
Actually, there is a wide range of ports that are used internally when the VPN client initializes. I had to enable the setting that allows UDP port 62515 to receive traffic from any host to get my VPN working through my XP Firewall. Without that, the client will die without even trying to get out of the machine.
Yeah, with SP2 for XP, you can add entries to the Windows Firewall that will enable the Cisco VPN clients to work. Here are the only ports that we added.
TCP Port 10000
UDP 4500
UDP 62515
this has worked on many computers.
ASKER
There is no Windows Firewall on the workstation. Do I need to permit ports on the PIX side? If so, what are the commands? Thanks for the inputs thus far.
SOLUTION
ASKER
So if I telnet 192.168.1.5 10000, it works.
I can ping host_a and it resolves to 192.168.1.5.
I cannot do this: telnet host_a 10000. I do have a WINS server enabled for the VPN client.
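
Added example, not part of the original thread: a small Python check for the symptom reported above, where every name, even a nonexistent one, resolves to the same address over the VPN. The function names and the fake resolver are hypothetical; `host_a`, 192.168.1.5 and 192.168.1.10 are the values quoted in the thread, and the default resolver is the system one via `socket.gethostbyname`.

```python
import socket
import uuid


def resolve(name, resolver=socket.gethostbyname):
    """Return the IPv4 address for name, or None if it does not resolve."""
    try:
        return resolver(name)
    except OSError:  # socket.gaierror and socket.herror are subclasses
        return None


def catch_all_address(resolver=socket.gethostbyname, probes=3):
    """Resolve random names that cannot exist.

    If every probe resolves to the same address, something on the path
    answers for any name; return that address. Otherwise return None.
    """
    answers = {resolve(uuid.uuid4().hex, resolver) for _ in range(probes)}
    return answers.pop() if len(answers) == 1 else None


def check_name(name, expected_ip, resolver=socket.gethostbyname):
    """Classify how name resolves: unresolved, catch-all, mismatch or ok."""
    got = resolve(name, resolver)
    if got is None:
        return "unresolved"
    bogus = catch_all_address(resolver)
    if bogus is not None and got == bogus:
        return "catch-all"  # answer is indistinguishable from a bogus name's
    if got != expected_ip:
        return "mismatch"
    return "ok"


if __name__ == "__main__":
    # Constructed resolver reproducing the thread's symptom offline.
    def vpn_resolver(_name):
        return "192.168.1.10"

    print(check_name("host_a", "192.168.1.5", vpn_resolver))  # catch-all
    # Against the live system resolver (result depends on the network):
    print(check_name("host_a", "192.168.1.5"))
```

A "catch-all" result means the name lookup path, not the PIX or port 10000, is what differs between connecting by IP and connecting by name.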