Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Ports needed to be opened

Posted on 2007-11-20
3
Medium Priority
?
647 Views
Last Modified: 2008-04-28
I am planning on deploying a SonicWall TZ150 to create an IPSec VPN and would like to know what ports need to be opened on a firewall to allow the VPN to connect. I am installing this solution on a Government facility and need to reqest the correct ports to be opened. I tried to install the device on the network last week and it would not connect. It would allow communication through port 80 but it looked like the problem was UPD port 500 but I want to make sure what ports I need to request to be opened.
0
Comment
Question by:tparus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 15

Expert Comment

by:getzjd
ID: 20325514
you are using the tz150 as an endpoint?  If so, just check the box "enable VPN" and configure the vpn.

Or is there an endpoint behind the tz150?
0
 
LVL 19

Accepted Solution

by:
SteveH_UK earned 2000 total points
ID: 20326125
I don't know about the particular device you are using, but for IPsec VPNs to work you need the following:

IPsec generally needs UDP 500 for IKE (Internet Key Exchange).  You will also need AH (Authentication Header) and ESP (Encapsulated Security Payload) IP protocols to be allowed (51 and 50).  You may also need IPsec NAT-T which is UDP 4500.

Finally, it is often necessary to allow fragmented IP packets, as encrypted packets are often big.

0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20821091
Thanks for the points :)
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question