• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Cisco VPN Client

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Firewall] >> VPN >> Cisco VPN Client Page: [1]
Message << Older Topic   Newer Topic >>
Cisco VPN Client - 10.Jul.2002 10:23:00 PM   


Posts: 7
Joined: 4.Jun.2002
From: virginia
Status: offline
I need to allow a user on my company LAN to access a remote site using Cisco's VPN Client. How difficult is it to allow that traffic through?
Post #: 1
RE: Cisco VPN Client - 10.Jul.2002 10:42:00 PM   


Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi dru,

some links about this subject:
- http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=2;t=001902
- http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=2;t=002752
- http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=13;t=000503
- http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=13;t=000495
- http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=13;t=000570
- http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=13;t=000684
- http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=1;t=000916

The basic setup is:

1. Create two protocol definitions:
- UDP Port 500 Send Receive : this is for the IKE protocol (key negotiation).
- UDP Port XXXX Send Receive : this is for the UDP encapsulated ESP packets. The administrator of the VPN gateway should be able to tell you the exact portnumber to use.

2. Next, create a protocol rule who allows those two created protocols.

3. One thing you must keep in mind is that the client must be a SecureNAT client and that the firewall client must be disabled when setting up the VPN connection. Also, when certificates are involved disable filtering of IP fragments on ISA.

BTW --- in general, any IPSec implementation who supports NAT Traversal or UDP encapsulated ESP should work from behind ISA.


(in reply to arsoley)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Firewall] >> VPN >> Cisco VPN Client Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts