Novell BorderManager Ports for VPN & NAT

By yuemo
Hi,

We have a Novell BorderManager to do NAT to a private network and establish VPN tunnels for Novell VPN clients. Now we want to put a firewall before the BorderManager.

I'd like to know which ports should be open on the firewall for the BorderManager to function as normal: doing the NAT, and establishing VPN tunnels.

Thanks!

-Yuemo

This conversation is currently closed to new comments.

Novell BorderManager Ports for VPN & NAT

by punderwood In reply to Novell BorderManger Ports ...

For VPN access there is only one port that needs to be open: ISAKMP, which is UDP port 500. This is for the Diffie-Hellman key exchange. You will have to configure the firewall to allow protocols 50 and 51, which are ESP and AH; these are the transport mechanisms for the VPN. As for NAT, how many public IP addresses you have dictates whether you have a static or dynamic translation, i.e. one-to-one or many-to-one.
So it may be that your BorderManager does NAT as well as the firewall. If you encounter problems you can stop the random sequence number part of NAT; I know Cisco can do this.
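
Added example, not part of the original posts: the reply above lists UDP port 500 alongside protocols 50 and 51, and the latter are IP protocol numbers, not port numbers. The sketch below builds constructed IPv4 packets and checks them against a hypothetical default-deny rule set, once written as described in the reply and once with 50 and 51 mistakenly entered as UDP ports. The addresses, the rule representation and all function names are assumptions for illustration.

```python
import struct

# IANA IP protocol numbers
UDP, ESP, AH = 17, 50, 51

def ipv4_packet(proto, payload=b""):
    """Build a minimal constructed IPv4 packet (20-byte header, checksum left 0)."""
    src = bytes([198, 51, 100, 7])   # constructed VPN client address
    dst = bytes([203, 0, 113, 10])   # constructed BorderManager public address
    hdr = struct.pack("!BBHHHBBH4s4s", (4 << 4) | 5, 0, 20 + len(payload),
                      0, 0, 64, proto, 0, src, dst)
    return hdr + payload

def udp_datagram(sport, dport, data=b""):
    """Constructed UDP header plus data (checksum left 0)."""
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data

def classify(packet):
    """Return (ip_protocol, dst_port or None) parsed from raw IPv4 bytes."""
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes
    proto = packet[9]                     # protocol field of the IPv4 header
    if proto in (6, 17):                  # only TCP and UDP carry port numbers
        dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
        return proto, dport
    return proto, None

def allowed(packet, rules):
    """Default deny: pass only if (protocol, port) is explicitly listed."""
    return classify(packet) in rules

# Rules as described in the reply: UDP/500 plus IP protocols 50 and 51.
CORRECT = {(UDP, 500), (ESP, None), (AH, None)}
# Mistaken variant: 50 and 51 entered as UDP port numbers.
MISTAKEN = {(UDP, 500), (UDP, 50), (UDP, 51)}

# Constructed sample traffic: one ISAKMP datagram, one ESP and one AH packet.
SAMPLES = {
    "isakmp": ipv4_packet(UDP, udp_datagram(500, 500, b"\x00" * 28)),
    "esp": ipv4_packet(ESP, struct.pack("!II", 0x1001, 1) + b"\x00" * 16),
    "ah": ipv4_packet(AH, b"\x00" * 24),
}

def evaluate(rules):
    """Map each sample name to whether the rule set lets it through."""
    return {name: allowed(pkt, rules) for name, pkt in SAMPLES.items()}

if __name__ == "__main__":
    print("correct :", evaluate(CORRECT))
    print("mistaken:", evaluate(MISTAKEN))
```

With the mistaken rule set the key exchange on UDP 500 still passes while the ESP and AH packets are dropped, so the tunnel negotiates but carries no traffic.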

Novell BorderManager Ports for VPN & NAT

by yuemo In reply to Novell BorderManger Ports ...

Poster rated this answer

Novell BorderManager Ports for VPN & NAT

by yuemo In reply to Novell BorderManger Ports ...

This question was closed by the author
