Port 4500 is used for NAT Traversal (allows L2TP with IPSec to traverse a
NAT properly).
The Cisco commands to allow these are:
! PPTP
Access-list 101 Permit TCP Any Host %IPAddress% Eq 1723
Access-list 101 Permit 47 Any Host %IPAddress%
! L2TP
Access-list 101 Permit UDP Any Host %IPAddress% Eq 1701
Access-list 101 Permit UDP Any Host %IPAddress% Eq 500
Access-list 101 Permit UDP Any Host %IPAddress% Eq 4500
! Explicit Deny
Access-list 101 Deny IP Any Any
where %IPAddress% is the IP of the Remote Access Server.
How your network is set up will determine whether this will in fact
work for you.
--
--
Dusty Harper
Microsoft Corporation
----------------------------------------------------------------------------
This posting is provided "AS IS", with NO warranties and confers NO rights
----------------------------------------------------------------------------
"Joy" <(E-Mail Removed)> wrote in message
news:09cf01c3d55a$27a14840$(E-Mail Removed)...
> Thanks.
> So far I opened TCP 1723 & UDP 500, 1701 and 4500 ports on
> our Cisco Router but it is not working. When I am not
> blocking any traffic of VPN server on Router it's working
> fine. One more thing: how can I open 47, is it a protocol no. or
> else?
>
> Thanks a lot,
> Joy
>
> >-----Original Message-----
> >If using PPTP open the following
> >
> > TCP Port 1723
> > Protocol 47 ( GRE ) - On some router devices, this may be
> >enabled as a feature called VPN pass-through
> >
> >If using L2TP open the following
> >
> > UDP Port 1701
> > UDP Port 500 - This is for IKE negotiation
> >
> >--
> >--
> >Dusty Harper
> >Microsoft Corporation
> >----------------------------------------------------------------------------
> >This posting is provided "AS IS", with NO warranties and confers NO rights
> >----------------------------------------------------------------------------
> >
> >"Joy" <(E-Mail Removed)> wrote in message
> >news:0b9601c3d539$cce5f2e0$(E-Mail Removed)...
> >> Hello,
> >>
> >> We just established Remote Access VPN on our network,
> >> behind firewall everything is working fine but when I try
> >> to connect through outside network it is not connecting.
> >> So please let me know which ports I need to open in our
> >> firewall or router.
> >>
> >> Thanks,
> >> Joy
> >
> >
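Added example, not part of the original posts and not Cisco or Microsoft code: a small first-match evaluator for the access-list 101 quoted above, to check which VPN flows it permits and what happens when the protocol 47 line is left out. The address 192.0.2.10 is a constructed placeholder for %IPAddress%, and the parser handles only the subset of ACL syntax used in this thread.

```python
import re

RAS = "192.0.2.10"  # constructed placeholder standing in for %IPAddress%
ACL = """\
access-list 101 permit tcp any host {ip} eq 1723
access-list 101 permit 47 any host {ip}
access-list 101 permit udp any host {ip} eq 1701
access-list 101 permit udp any host {ip} eq 500
access-list 101 permit udp any host {ip} eq 4500
access-list 101 deny ip any any
""".format(ip=RAS)

NAMES = {"tcp": 6, "udp": 17, "gre": 47, "esp": 50}  # IP protocol numbers
RULE = re.compile(r"access-list\s+\d+\s+(permit|deny)\s+(\S+)\s+any\s+"
                  r"(?:any|host\s+(\S+))(?:\s+eq\s+(\d+))?\s*$", re.I)

def parse_acl(text):
    """Parse the subset of extended-ACL syntax used in the post."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("!"):
            continue  # blank line or IOS comment
        m = RULE.match(line)
        if not m:
            raise ValueError(f"unsupported ACL line: {line!r}")
        action, proto, host, port = m.groups()
        proto = proto.lower()
        # "ip" matches any protocol; a bare number (47) is a protocol, not a port
        num = None if proto == "ip" else NAMES.get(proto) or int(proto)
        rules.append((action.lower(), num, host, int(port) if port else None))
    return rules

def evaluate(rules, proto, dst, dport=None):
    """First matching rule wins; falling off the end is the implicit deny."""
    for action, r_proto, r_host, r_port in rules:
        if (r_proto in (None, proto) and r_host in (None, dst)
                and r_port in (None, dport)):
            return action
    return "deny"

def without_gre(text):
    """Same ACL minus the protocol-47 line (ports opened, GRE forgotten)."""
    return "\n".join(l for l in text.splitlines() if " permit 47 " not in l)

if __name__ == "__main__":
    full, partial = parse_acl(ACL), parse_acl(without_gre(ACL))
    for name, flow in [("PPTP control", (6, RAS, 1723)), ("PPTP GRE", (47, RAS)),
                       ("IKE", (17, RAS, 500)), ("NAT-T", (17, RAS, 4500)),
                       ("ESP", (50, RAS))]:
        print(f"{name:13} full={evaluate(full, *flow)} no-gre={evaluate(partial, *flow)}")
```

With only the ports opened, the PPTP control connection on TCP 1723 is permitted but the GRE data packets fall through to the deny. The evaluator also shows that this ACL has no entry matching ESP (IP protocol 50).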