?
Solved

Ports to open for Remote access

Posted on 2006-11-13
3
Medium Priority
?
174 Views
Last Modified: 2010-04-17
Can someone please comfirm which ports I need to open for PPTP and L2TP on my router...worth 500 smackers!!!
Many thanks
Andy
0
Comment
Question by:AndyinJapan
3 Comments
 
LVL 3

Accepted Solution

by:
bugsaif earned 1500 total points
ID: 17936112
What exactly are you trying to do? Are you setting up your router as a PPTP / L2TP passthrough? or is the router the end-point for the tunnel(s)?

PPTP uses port 1723 (tcp)
L2TP useu port 1701 (udp)

If this is a passthrough setup you'll also need to forward GRE (protocol 47)
also depending up what exactly it is that you're trying to do... ports: 50, 51, (and 500, for IPSec VPN's) may also need to be opened/forwarded.

Saif
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17936488
For IPSEC,

Protocol 50 and 51 (whether ah or esp) and udp 500

Cheers,
Rajesh
0
 

Author Comment

by:AndyinJapan
ID: 17942648
Dear all,

Its a pass thought setup to a windows 2003 RAS.

On the router I have the following read out.

nat descriptor type 1 masquerade
nat descriptor address outer 1 218.225.xxx.xxx
nat descriptor masquerade 1 218.225.xxx.xxx udp 500
nat descriptor masquerade 2 218.225.xxx.xxx esp
nat descriptor masquerade 3 218.225.xxx.xxx tcp 1723
nat descriptor masquerade 4 218.225.xxx.xxx gre
nat descriptor masquerade 5 218.225.xxx.xxx tcp 1701
nat descriptor masquerade 6 218.225.xxx.xxx udp 1701

Does this look about right?

Many thanks for your advise
Andy :)
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question