Hello,
Is it possible to open the protocol IP50 (ESP) in a policy on a NetScreen firewall?
Can I open only services with a specific TCP or UDP port?
Thanks for your help.
Yes, you can specify ESP in a service. This is IP protocol 50 which is not TCP (protocol 6) or UDP (protocol 17).
Example:
set service "ESP" protocol 50
-Richard
No, after configuring set service "ESP" protocol 50 it is not working. Please provide any other solution.
Hi,
If you want to allow IPsec VPN through the FW, you should also enable IKE (UDP 500) and, probably, UDP 4500 for IPsec NAT-T if NAT is used (the port number for NAT-T may depend on the vendor; TCP is also used).
Kind regards
Edouard