Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

XPSP2 NAT-T (force initiator default port to 4500 instead of 500?????)

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> XPSP2 NAT-T (force initiator default port to 4500 instead of 500?????) Page: [1]
Login
Message << Older Topic   Newer Topic >>
XPSP2 NAT-T (force initiator default port to 4500 inste... - 9.Mar.2005 7:31:00 PM   
auto

 

Posts: 3
Joined: 7.Aug.2004
Status: offline 		Does anyone know a way to force the Microsoft XPSP2 VPN client to initiate IPSEC negotiations on UDP 4500 rather than 500?

My ISP blocks ports 1-1024 incoming to "protect the customer".

I can connect via my laptop to the ISA 2004 VPN if I am on the same subnet as the external interface of the server.

If I take the laptop home I can see the allow rule for VPN from my public IP on port 500 and the ISA server responds on port 500 but then it times out wating for a response from the initiator.

If I could get the client to start negotiations on UDP 4500 it should successfully connect when the ISA responds on 4500 which is not blocked.
Post #: 1
RE: XPSP2 NAT-T (force initiator default port to 4500 i... - 9.Mar.2005 8:51:00 PM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Auto,

Both 500 and 4500 are required and part of the spec.

HTH,
Tom

(in reply to auto)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> XPSP2 NAT-T (force initiator default port to 4500 instead of 500?????) Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts