08-23-2009 07:37 PM
I have an Apple VPN Server behind the NetScreen, and for that I need to forward port 500 and some other ports.
I have configured the policy, and when I do the VIP configuration on the interface it tells me that:
"Not supported service: (ip: *untrust IP here*/port:500) is for management of the box"
Now I think that VPN is somehow active on the NetScreen itself and is therefore using this port. Is there any chance that I can turn it off, and where, please? I couldn't find it.
Or am I totally wrong?
I would be happy for any hints.
08-26-2009 07:24 AM
Yes, port 500 is used by the box. I don't recall that there is any way to turn it off. Are you setting up a VIP for this? You can use port 500 on the inside and use some other port on the outside - so set your virtual port to something like 501 - have users connect to that and then map to a defined service on port 500.
Also - you should post firewall questions in the firewall forum for faster response.
08-26-2009 08:34 AM
Thank you for your response.
Sadly, I can't reconfigure the ports on my laptop for the VPN connection, nor can I on my iPhone.
Sorry about posting this in the SSL VPN section; I thought that this would be the best idea. I will try in the FW section as well, then.