3) Setting up port and protocol forwarding on a LANCOM router (scenario 2 only):
IPSec requires the use of the UDP ports 500 and 4500 as well as the protocol ESP. These must be forwarded to the Unified Firewall.
Forwarding the UDP ports 500 and 4500 automatically causes the ESP protocol to be forwarded.
If you are using a router from another manufacturer, ask them about the appropriate procedure.
If the UDP ports 500 and 4500 and the ESP protocol are forwarded to the Unified Firewall, an IPSec connection to the LANCOM router can only be used if it is encapsulated in HTTPS (IPSec-over-HTTPS). Otherwise, no IPSec connection will be established.
3.1) Open the configuration for the router in LANconfig and switch to the menu item IP-Router -> Masq. -> Port forwarding table.
3.2) Save the following parameters:
- First port: Specify port 500.
- Last port: Specify port 500.
- Intranet address: Specify the IP address of the Unified Firewall in the transfer network between the Unified Firewall and the LANCOM router.
- Protocol: From the drop-down menu, select UDP.
3.3) Create a further entry and specify the UDP port 4500.
3.4) Write the configuration back to the router.