[vpn-devel] Question about source ike port in windows
Lukas Macura
macura at opf.slu.cz
Mon Aug 15 08:39:01 CDT 2011
Hi to all,
please, we have "problem" with our windows installation of VPN client.
Looking into source, it seems that config is loaded on unix machines and
I can specify:
socket ike 5000
in /etc/iked.conf
Unfortunately, I did not find the way, how windows vpn client searches
this in registry and cannot change it. It is problem because we have
more developers behing one nated IP. Due to the fact, that client binds
to port 500 and we have isakmp inspection on firewall, firewall tries to
leave port 500 untouched and kills latest connection when creating new.
So only last developer has chance to access VPN server.
Cisco VPN client worked fine because source port was dynamic.
Please, is it too big hack to use some dynamic (random) port instead of
hard driven "500" in windows?
Ps: please include my address in reply, I am not in list.
Thank you very much,
Lukas Macura
More information about the vpn-devel
mailing list