• Status: Solved

How do I set up a VPN in this situation?

If I wanted to establish a VPN connection between two private networks, each behind a Cisco firewall which I have no control over, could I do that without having someone configure the firewall?
Asked by: lloydr1l
 
poweruser32 Commented:
No, you will need to apply changes to the firewall config at both ends in order to establish an IPsec VPN tunnel through the Internet. Here is a good link:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html
 
tlbrittain Commented:
No, VPN requires that certain ports be opened, and unless the firewall is not locked down properly it will require coordination with the Firewall Administrator.
 
lloydr1l (Author) Commented:
So then, I would pretty much need to stick with something like LogMeIn for remotely accessing PCs behind a firewall I can't configure.
 
poweruser32 Commented:
A site-to-site VPN is fairly easy to set up. You can use the ASDM web interface as well to do it, which makes it easier. It takes about 10 minutes.
 
lloydr1l (Author) Commented:
I can do this without access to the firewall? I'm not familiar with ASDM.
 
poweruser32 Commented:
You will need to have the password as far as I know, and maybe you need to be given access via the PIX as well.
 
lloydr1l (Author) Commented:
That won't work then, as I don't have access to the firewall. Currently I use LogMeIn to do what I need, but I was wondering if I could set up a VPN connection in my scenario involving the PIX firewalls. It's not looking like it.
 
tlbrittain Commented:
There are ports/protocols that will have to be opened on the firewall for the traffic to pass. The ones I am familiar with are:

GRE - 47 (IP Protocol)
ESP - 50 (IP Protocol)
AH - 51 (IP Protocol)
UDP - 1701
TCP - 1723
UDP - 500
UDP - 10000

These are just the ones I know of that need to be open for VPN at the Firewall and Router if applicable if you have Extended ACLs on the routers.
 
tlbrittain Commented:
The ports/protocols will vary depending on what you use: IPSec, L2TP...
 
trinak96 Commented:
1) You can't set up a VPN if you do not have access.

2) If you require a VPN for support purposes then approach the person/support company who do support the firewalls and request it, probably a cost involved.
 
Zenith63 Commented:
Something like LogMeIn Hamachi will give you a VPN to sites, generally without the need for config of the firewall at either end.

What are you actually trying to achieve though?  I'd have thought LogMeIn was sufficient in most cases so I'm just wondering what features you're after.
 
lloydr1l (Author) Commented:
Yes, LogMeIn is sufficient for what I need to achieve in most instances. But to further my knowledge and options for connectivity, I wanted to try and play around with setting up VPN connections. But I was thinking this would not work because I do not have access to the firewall, and wanted to confirm by asking the question.