Fw: What ports need to be opened on remote fw to use Checkpoint SecuRemote VPN w/IKE?
Michael LeClair
mleclair at SEAGULL.COM
Fri Apr 20 17:36:54 EDT 2001
Help.
We are trying to get a Checkpoint-1 SecuRemote VPN connection to work
with a Checkpoint-1 (Nokia) firewall using IKE from behind a Watchguard
Firebox II fw.
The admin of the gateway fw said to open the following ports:
1.) TCP 256
2.) UDP 259
3.) UDP 50
4.) UDP 51
5.) UDP 500
... but, even though authentication is successful, a connection to the
client machines on their network behind their Checkpoint fw are not
accessible (can't telnet, ping, ftp, etc, all of which should be
available).
As an aside, I have seen incoming packet rejections on port 0 on our
Watchguard firewall from the Checkpoint-1 fw, but this port number may
not be accurate. I even saw somewhere that there may be a potential DOS
on port 0 using SecuRemote (supposedly reboots Unix clients?).
Any expert help would be appreciated.
mike
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list