VPN Outbound
- From: "Thomas P. Endter" <tendter@xxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Tue, 8 Feb 2005 14:41:28 -0500
Hello,
My thanks go out to Stefaan Pouseele for his great article about
allowing IPSEC traffic through the ISA server. It worked so well that
now I'm trying to have my Checkpoint NG with Application Intelligence
(R55) 091 do the same. Stefaan's article showed clearly how to pass the
SecureClient traffic through the ISA. I would like to pass the Windows
VPN client pptp and then IPSEC traffic through my office's checkpoint to
my ISA 2004 server at home. The CP web site sucks and there doesn't seem
to be a web site like this one for that product, so please don't flame
me for asking a CP question in this forum. I tried my best to convince
the boss to go with the ISA server but he insisted on the CP.
I thought I'd start with passing pptp traffic and the trying the IPSEC
NAT-T once I got the pptp to pass. For the pptp I've allowed tcp 1723
and gre protocol 47. The ms vpn client gets as far as verifying the
username/password and then the ms client reports that the remote system
didn't responded. The cp does not log any rejects or drops as it relates
to the connection. What other ports do I need oped to allow this
traffic to pass?
Thanks,
Thomas P. Endter
Information Technology Manager
ChildNet
"To protect Broward's abused, neglected and abandoned children"
1400 West Commercial Blvd, 2nd Floor
Ft. Lauderdale, FL 33309
(954) 557-6597 Phone
(954) 202-3897 Fax
Other related posts:
