VPN and open ports

Posted on 2006-11-10
Medium Priority
Last Modified: 2013-11-16
Hi, I have created an L2L VPN between my network and a vendor. On the VPN concentrator I am only allowing them to see 2 IP addresses, which they can ping just fine; however, they need to get to a specific port, 4000, and I am not sure why they cannot see it. The server they are connecting to is a Unix server, and doing a netstat I can see the server is listening on that port, but the vendor cannot get to it.

Here is the setup:

(Server)--------(Cisco 6509)----------(Cisco 4000 router)---------(VPN 3030)--------(L2L over Internet)---------------------(vendor's VPN 3030)

The Cisco 4000 router has no ACLs, so would I have to modify an access-list on the 6509 to allow access to that port?


Question by:rh102801
LVL 10

Expert Comment

ID: 17913384
What access-list are you using with your VPN tunnel?
LVL 79

Accepted Solution

lrmoore earned 1500 total points
ID: 17914228
If they can ping the server's IP address then they should be able to access any port.
Ping response takes routing issues out of the problem.
Any access-lists on the C6509?
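
Added example, not part of the original thread or any poster's code: ping only exercises ICMP, so a TCP connect test against the port itself shows whether the attempt is answered, refused, or silently dropped, which helps narrow down where an access-list might be involved. The script name, the host argument and the wording of the hints are assumptions for illustration.

```python
import errno
import socket
import sys

# Hints describe general TCP behaviour; they are not findings about the poster's network.
HINTS = {
    "open": "handshake completed: path and listener are fine, look at the application",
    "refused": "a RST came back: nothing listens on that address/port, or a device rejects it",
    "filtered": "no reply before the timeout: consistent with a filter silently dropping TCP",
    "unreachable": "an ICMP unreachable came back: a router or filter on the path rejects it",
}

def probe_tcp(host, port, timeout=3.0):
    """Attempt one TCP connect and classify the outcome."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except (socket.timeout, TimeoutError):
        return "filtered"
    except ConnectionRefusedError:
        return "refused"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        raise
    finally:
        sock.close()

def report(host, port, timeout=3.0):
    """Return a one-line result suitable for pasting into a ticket."""
    state = probe_tcp(host, port, timeout)
    return f"{host}:{port} {state} - {HINTS[state]}"

if __name__ == "__main__":
    # Usage: python probe.py <server-ip> [port]; port defaults to 4000 as in the question.
    if len(sys.argv) < 2:
        sys.exit("usage: probe.py <server-ip> [port]")
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 4000
    print(report(sys.argv[1], port))
```

Running it once from a host on the server's own LAN and once from the far side of the tunnel shows whether the result changes along the path.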
