Screen OS

  • 1.  Open Protocol ESP (IP 50) in Netscreen Policy

    Posted 03-17-2008 04:43

    Hello;

    Is it possible to open the protocol IP50 (ESP) in a Policy on Netscreen Firewall?

    I can open only services with a specific TCP or UDP port?

    Thanks for your help.



  • 2.  RE: Open Protocol ESP (IP 50) in Netscreen Policy
    Best Answer

    Posted 03-17-2008 13:10

    Yes, you can specify ESP in a service. This is IP protocol 50 which is not TCP (protocol 6) or UDP (protocol 17). 

     

    Example:

    set service "ESP" protocol 50

     

    -Richard

     

     

     



  • 3.  RE: Open Protocol ESP (IP 50) in Netscreen Policy

    Posted 10-28-2010 06:25

    No, after configuring set service "ESP" protocol 50 it is not working. Please provide any other solution.



  • 4.  RE: Open Protocol ESP (IP 50) in Netscreen Policy

    Posted 11-01-2010 09:04

    Hi,

     

    If you want to allow IPsec VPN through the FW, you should also enable IKE (UDP 500) and, probably, UDP 4500 for IPsec NAT-T if NAT is used (the port number for NAT-T may depend on the vendor; TCP is also used).

     

    Kind regards

    Edouard