RE: How to work Nortel Extranet Client through ISA2004.

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Sat, 21 May 2005 07:52:47 -0500

Hi Jav,

Where'd you find the Open Port Button [TM] on the ISA firewall?
Microsoft has *not* licensed that out yet. 


Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls


-----Original Message-----
From: Jav [mailto:jaweed.patel@xxxxxxxxxxxx] 
Sent: Saturday, May 21, 2005 7:04 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] How to work Nortel Extranet Client through ISA2004.

http://www.ISAserver.org

Hi everyone,

I'm facing a techincal problem in making a VPN connection from my
company
internal network to Galileo system. I have ISA2004 installed at the edge
of my company network.

Diagram:
 
Internal VPN Client -----ISA Server2004------Internet(Galileo System)

I have got the below information from the Galileo system to establish a
vpn connection through firewall.

PROTOCOLS:

-TCP/IP (Protocols 6 & 4)
-UDP (Protocol 17)
-PPTP: GRE (Protocol 47 mapped to port 1723) - Microsoft PPTP VPN ONLY
-IPSec: ESP & AH (Protocols 50 & 51) - Nortel Extranet client ONLY.


PORTS:  (PAT-Port Address Translation is NOT permitted)

PPTP Switch:
1723 / TCP Traffic / Outbound Only  (Microsoft PPTP VPN ONLY.  Not
necessary for IPSec clients.)

IPSec Switch:
500 / UDP Traffic / Outbound & Inbound (Nortel Extranet Client ONLY.
Not
necessary for PPTP clients.   UDP Protocol 17 only on this port.)

Config Servers:
5067 / UDP Traffic / Outbound Only
5068 / UDP Traffic / Inbound Only
5069 / TCP Traffic / Inbound Only (FPM Requirement)

IP Concentrators:
2749 / TCP Traffic / Outbound Only (Galileo(r) system only)
2750 / TCP Traffic / Outbound Only (VTF-IP Concentrators)


Device                  Galileo(r) System       

PPTP VPN Switch         x.galileo.com           
                        12.x.x.4
IPSec VPN Switch        x.galileo.com   
                        12.x.x.1        
                        12.x.x.2                
                        12.x.x.3
                
Config Servers          v.galileo.com   
                        172.x.x.1               
IP Concentrators        vx.galileo.com  
                        172.x.x.2               


They have given me two choice to establish a VPN link to Galileo system;

1) Microsoft PPTP.
2) Nortel Extranet client.

I have tried both of them by opening all necessary ports on the ISA. Can
anyone of you have workedout with similar setup.

Any reply will be highly appreciated. Thank you in advance.

With Regards,

Jav






------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx




Other related posts: