Hi Jav, Where'd you find the Open Port Button [TM] on the ISA firewall? Microsoft has *not* licensed that out yet. Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls -----Original Message----- From: Jav [mailto:jaweed.patel@xxxxxxxxxxxx] Sent: Saturday, May 21, 2005 7:04 AM To: [ISAserver.org Discussion List] Subject: [isalist] How to work Nortel Extranet Client through ISA2004. http://www.ISAserver.org Hi everyone, I'm facing a techincal problem in making a VPN connection from my company internal network to Galileo system. I have ISA2004 installed at the edge of my company network. Diagram: Internal VPN Client -----ISA Server2004------Internet(Galileo System) I have got the below information from the Galileo system to establish a vpn connection through firewall. PROTOCOLS: -TCP/IP (Protocols 6 & 4) -UDP (Protocol 17) -PPTP: GRE (Protocol 47 mapped to port 1723) - Microsoft PPTP VPN ONLY -IPSec: ESP & AH (Protocols 50 & 51) - Nortel Extranet client ONLY. PORTS: (PAT-Port Address Translation is NOT permitted) PPTP Switch: 1723 / TCP Traffic / Outbound Only (Microsoft PPTP VPN ONLY. Not necessary for IPSec clients.) IPSec Switch: 500 / UDP Traffic / Outbound & Inbound (Nortel Extranet Client ONLY. Not necessary for PPTP clients. UDP Protocol 17 only on this port.) Config Servers: 5067 / UDP Traffic / Outbound Only 5068 / UDP Traffic / Inbound Only 5069 / TCP Traffic / Inbound Only (FPM Requirement) IP Concentrators: 2749 / TCP Traffic / Outbound Only (Galileo(r) system only) 2750 / TCP Traffic / Outbound Only (VTF-IP Concentrators) Device Galileo(r) System PPTP VPN Switch x.galileo.com 12.x.x.4 IPSec VPN Switch x.galileo.com 12.x.x.1 12.x.x.2 12.x.x.3 Config Servers v.galileo.com 172.x.x.1 IP Concentrators vx.galileo.com 172.x.x.2 They have given me two choice to establish a VPN link to Galileo system; 1) Microsoft PPTP. 2) Nortel Extranet client. I have tried both of them by opening all necessary ports on the ISA. Can anyone of you have workedout with similar setup. Any reply will be highly appreciated. Thank you in advance. With Regards, Jav ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx