IPsec client and Vista "ports"

Unanswered Question

We use an ACL at the router to block wireless users from going anywhere but to a VPN 3030 public interface. With Vista and VPn client 4.8.02, I can't reach the VPN interface (pings fine however), once I removed the ACL, then I connected fine. Seems I need to allow a new protocol or port thru my ACL. Does somebody know if VISTA might use different ports to communicate with the VPN concentrator. When I sniffed the port on my laptop, seems the only difference with Win XP when using the VPN is the UDP source port, but this changes every time I think. The ISAKMP handshake looks the same. Thanks.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
acomiskey Tue, 02/06/2007 - 13:35

What does your acl look like? For ipsec vpn you need esp protocol, isakmp udp 500, and maybe nat-t udp 4500.


This Discussion