
IPsec, can't browse the net!!!

Status
Not open for further replies.

Stingreen

Technical User
Mar 5, 2001
86
US
Guys, I'm trying to configure our Windows 2K servers' IPsec feature. I simply can't get out to the internet (from the server).
I figured it should be a DNS problem. I was right, because nslookup returns "server timeout" errors.
I can't ping any sites; when I type ping it doesn't even return an error message, it hangs like that.
What should I enable, or at least what port, to get this thing working?
Port 80 is already permitted, so is 53. But I'm making a mistake somewhere.
Can anybody help?
Thanks a lot.
 
OK, tell me then, what exact rule would you allow to get out on the internet in Linux / BSD?
 
Which IPsec configuration is used?
Just a secure connection between two hosts?
A tunnel? L2TP/IPSec? IPSec "tunnel"?

Don't forget that IPSec requires some special ports to be open:
- for IKE: protocol UDP port 500
- for AH: protocol ID 51
- for ESP: protocol ID 50
Also, I hope that is not the case, but check the implications of a NAT. If you have such a service, and your IPSec packets will cross it... then there are problems (imagine that IPSec is signing/encoding a packet that will later be changed by a NAT).
Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, soon MCSE2k
 
Hey, thanks for the reply, I've already solved the problem.
I should've permitted the "UDP" 53rd port as well as the TCP one.
That did the trick, and now mail delivery works like a charm..
Thanks again!
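
The failure in this thread (TCP 53 and 80 permitted, UDP 53 missing) can be caught by auditing a permit list before it is applied. The following is an added example, not code from any poster; the `(protocol, low_port, high_port)` rule format and all names in it are hypothetical and are not the Windows 2000 IPsec policy format.

```python
# Added example: audit a default-deny permit list for the flows named in this thread.
# A rule is (protocol, low_port, high_port); ports are None for "all ports" or for
# portless IP protocols. This rule model is constructed for illustration.

# Flows mentioned in the thread: DNS on UDP and TCP 53, HTTP, IKE, ESP, AH.
REQUIRED = {
    "DNS query (UDP 53)": ("udp", 53),
    "DNS over TCP (TCP 53)": ("tcp", 53),
    "HTTP (TCP 80)": ("tcp", 80),
    "IKE (UDP 500)": ("udp", 500),
    "ESP (IP protocol 50)": ("50", None),
    "AH (IP protocol 51)": ("51", None),
}

def permits(rule, proto, port):
    """True if one permit rule covers the flow (proto, port)."""
    r_proto, low, high = rule
    if r_proto not in ("any", proto):
        return False
    if low is None:        # rule has no port restriction
        return True
    if port is None:       # portless protocol cannot match a port-specific rule
        return False
    return low <= port <= high

def blocked_flows(rules, needed=REQUIRED):
    """Return the needed flows that no permit rule covers (everything else is denied)."""
    return [name for name, (proto, port) in needed.items()
            if not any(permits(r, proto, port) for r in rules)]

# Constructed rule set modelled on the original post: 80 and 53 permitted, TCP only.
ORIGINAL = [("tcp", 80, 80), ("tcp", 53, 53)]
# The fix reported in the thread (UDP 53) plus the IPsec entries listed in the reply.
FIXED = ORIGINAL + [("udp", 53, 53), ("udp", 500, 500),
                    ("50", None, None), ("51", None, None)]

if __name__ == "__main__":
    for label, rules in (("original", ORIGINAL), ("fixed", FIXED)):
        print(label, "->", blocked_flows(rules) or "all required flows permitted")
```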
 