IKE Ports 1

vallan

Technical User
Aug 13, 2002
156
EU
We need to connect via VPN between two Check Point firewalls. We are using IKE, FWZ security. What ports do we need to open for this connection to go through?

Thanks
 
Here are the ports used by Secure Remote:

TCP port 264 (FireWall-1 4.1 and beyond) or TCP port 256 (FireWall-1 4.0 and earlier) between client and Management Console. This is only needed to fetch and update the site information and will always originate from the SecuRemote client.
TCP Port 18231 (FireWall-1 NG) or TCP Port 18207 (FireWall-1 4.1) is used if Secure Client needs to authenticate with a policy server.
UDP port 259 to negotiate encryption and authentication information for FWZ.
UDP port 18234 (FireWall-1 NG) is used for testing VPN tunnel availability in NG FP1 when Office Mode is enabled.
UDP port 500 to negotiate encryption keys when IKE is used.
UDP port 2746 when UDP Encapsulation is used.
IP Protocol 94 bi-directionally when FWZ encapsulation is used.
IP Protocol 50 bi-directionally when IKE is used.
 
IP Protocol 50 is ESP. IKE is not a protocol. It is a mechanism.

Why use FWZ? FWZ was removed from Check Point itself in the new versions of NG. I don't know of any advantage of FWZ over IPSec and its protocols.

Regards,
Steffen
 