VPN Client UDP Ports

pjdiaz
Level 1

Our VPN 3005 router is allowing ISAKMP connections from clients when the client connection is UDP port 500 to UDP port 500. However, some remote clients seem to be trying UDP port XXX to UDP port 500 connections and these are being rejected.

Any thoughts why a client would attempt an ISAKMP connection with a source port that is not UDP 500?

2 Replies

srue
Level 7

Their VPN clients are behind some sort of NAT/PAT device. Make sure you have enabled NAT-T on your VPN 3005.

khinze
Level 1

I am seeing the same thing. Only it is with the Cisco 5.x IPSec Client. It connects with an ephemeral source and a dest of UDP:500. This is wreaking havoc on our ACLs.

Anyone know how to disable this behavior in the client?
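
Added example (not part of the thread and not Cisco code): a sketch of why a filter keyed on source port 500 rejects clients behind NAT/PAT, as the replies above describe, while a rule keyed on the gateway-side port does not. It assumes standards-based NAT-T (RFC 3947/3948: UDP 4500, four zero bytes before IKE messages), which the thread does not spell out; the function names and sample datagrams are constructed for illustration.

```python
import struct

IKE_PORT, NATT_PORT = 500, 4500            # NATT_PORT: RFC 3947/3948 assumption
NON_ESP_MARKER = b"\x00" * 4               # precedes IKE messages on UDP 4500
ISAKMP_HDR = struct.Struct("!8s8sBBBBII")  # fixed 28-byte ISAKMP header

def classify(src_port, dst_port, payload):
    """Label one client-to-gateway UDP datagram."""
    if dst_port == NATT_PORT:
        if payload == b"\xff":
            return "natt-keepalive"
        if payload[:4] != NON_ESP_MARKER:
            return "esp-in-udp"
        payload = payload[4:]
    elif dst_port != IKE_PORT:
        return "not-ike"
    # The last header field is the total message length, header included.
    if len(payload) < ISAKMP_HDR.size or ISAKMP_HDR.unpack_from(payload)[-1] != len(payload):
        return "malformed"
    if dst_port == NATT_PORT:
        return "ike-natt"
    return "ike" if src_port == IKE_PORT else "ike-behind-pat"

def strict_filter(src_port, dst_port):
    """The 500-to-500 rule described in the question."""
    return src_port == IKE_PORT and dst_port == IKE_PORT

def dest_only_filter(src_port, dst_port):
    """Match the gateway-side port only; PAT rewrites the client's source port."""
    return dst_port in (IKE_PORT, NATT_PORT)

def ike_msg():
    """Constructed header-only ISAKMP message (version 1.0, exchange type 2)."""
    return ISAKMP_HDR.pack(b"\x11" * 8, b"\x00" * 8, 0, 0x10, 2, 0, 0, ISAKMP_HDR.size)

# Constructed sample datagrams: (source port, destination port, UDP payload)
SAMPLES = [
    (500, 500, ike_msg()),                              # client with no NAT in the path
    (31022, 500, ike_msg()),                            # same client behind PAT
    (31022, 4500, NON_ESP_MARKER + ike_msg()),          # IKE after the NAT-T port float
    (31022, 4500, b"\x9a\x01\x02\x03" + b"\x00" * 20),  # UDP-encapsulated ESP
    (31022, 4500, b"\xff"),                             # NAT keepalive
]

def report():
    return [(classify(s, d, p), strict_filter(s, d), dest_only_filter(s, d))
            for s, d, p in SAMPLES]
```

Only the first sample passes the 500-to-500 rule; an ACL in front of the concentrator has to match the destination port (and the gateway address) instead of the client's source port.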
