Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

What ports to allow through for VPN access to Checkpoint NG

Status
Not open for further replies.
rstockton

rstockton

MIS
Aug 13, 2001
118
0
0
US
I will be implementing a client-to-site VPN to allow road warriors to tunnel in from the Internet. Our firewall sits behind a router running ACLs. My question to you is what ports do I need to allow through the external router to the Checkpoint NG firewall/VPN module?

The clients will be running Checkpoint's SecureClient.

Thanks in advance

-r
 
Sort by date Sort by votes
If you are using normal IPSec without AH, you'll need to open up UDP port 500 for IKE, and protocol 50 (_protocol_, not port) for IPSec ESP. If you are using AH, you will also need protocol 51.

If you are using UDP wrapped IPSec, you'll just need UDP/500 and whatever UDP port you encapsulate in.
 
Upvote 0 Downvote
Thanks,

I've also been advised to pass:

tcp 18231
udp 18233
tcp 90
udp 2746
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MP2023
  • Locked
  • Question
How to Create an site to site VPN
Replies
1
Views
169
sircles
sircles
teknance
  • Question
Discovering Portugal: Uncover Hidden Destinations and VPN Solutions
Replies
5
Views
306
GlobeTrekkerGal
GlobeTrekkerGal
sarahz2
  • Question
Best vpn safe and fast
Replies
4
Views
197
GlobeTrekkerGal
GlobeTrekkerGal
F
  • Question
some IP Phone not working over site-to-site OpenVPN, packets modified on other side of tunnel
Replies
0
Views
1K
FrankSider12
F
ramblingrebel
  • Locked
  • Question
Built-in Windows 10 VPN
Replies
1
Views
126
Joon Smith
Joon Smith

Part and Inventory Search

Sponsor

Back
Top