On Mon, 2006-10-09 at 17:36 -0400, Ric Moore wrote: > Ok, back to the saga of the DSL modem, I finally just caved in and kept > the DHCP connection with it port forwarding http to my machine on port > 80. It has been slow as hell and checking the modem I'm finding another > service enabled to passthrough, here it is: > > > Service Name > IPSEC ALG > Type > Port Forwarding > Port 1 > > Protocol > TCP/UDP > Global Port(s) > 500 > Base Host Port > 500 > Port 2 > > Protocol > TCP/UDP > Global Port(s) > 500 > Base Host Port > 500 > > Anyone know what that is?? I didn't set it. Ric Well, from http://www.symantec.com/avcenter/security/Content/2005.11.21.html "Dynamic IPsec VPN tunnels require the use of ISAKMP (Internet Security Association and Key Management Protocol), a standard protocol that provides the framework for establishing, negotiating, modifying, and deleting security associations. The ISAKMP service listens on UDP port 500 on all the security gateways" So I guess it has to do with IPsec VPN tunnels. If you are not using any VPN tunnels, then nuke it. -- Brian Millett - [ Talia Winters and Sinclair, "A Voice in the Wilderness I"] "It seems like every time I get into the tube, Mr. Garibaldi's there. It's like he *knows*." 'Talia, Mr. Garibaldi is many things, but he's not omniscient.' [Tube opens and Garibaldi is there.] "I think I'll take the stairs." 'I think I'll join you.'
