VPN Client Ports

Mar 6th, 2009

Hello,

I'm planning to implement a Remote VPN architecture using Certificates. I need a list of ports to be opened in the Firewall to permit the communication between the VPN Client and the VPN Server (ASA).

I found this list:

UDP 500

UDP 4500

UDP 10000.


Is there any other port?


Sincerely

JamesLuther Fri, 03/06/2009 - 01:40

Hi,


The list should be


UDP 500

UDP 4500

TCP 10000

ESP (IP protocol 50)




Regards

oabduo983 Sat, 03/07/2009 - 14:42

Hi,


In all cases you will need to open UDP/500. However:

If you are using NAT-T, then you open UDP/4500, and there is no need for ESP

and/or

if you are using IPSec over TCP 10000, then you open TCP/10000 (not UDP/10000), and there is no need for ESP.

Otherwise you will open only UDP/500 and ESP, without any other protocol.


Please rate if this is helpful!
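
The cases in the reply above, written as a small audit that compares a list of opened ports against what each mode needs and reports both missing and surplus openings. This is an added example, not code from the thread; the function names and the `native_esp_clients` flag are assumptions, the flag covering clients that reach the ASA with no NAT in the path and therefore negotiate plain ESP even when NAT-T is enabled.

```python
# Added example (not from the thread): firewall openings for the VPN
# transport modes discussed in the replies above.
IKE = ("udp", 500)          # always required
NAT_T = ("udp", 4500)       # IPsec NAT traversal
IPSEC_TCP = ("tcp", 10000)  # IPsec over TCP, port as given in the thread
ESP = ("esp", None)         # IP protocol 50, has no port number


def required_openings(nat_t=False, ipsec_over_tcp=False, native_esp_clients=False):
    """Return the set of (protocol, port) openings the chosen modes need."""
    needed = {IKE}
    if nat_t:
        needed.add(NAT_T)
    if ipsec_over_tcp:
        needed.add(IPSEC_TCP)
    # Plain ESP is needed when no encapsulation is used at all, or when some
    # clients connect without encapsulation (assumption flag, see lead-in).
    if native_esp_clients or not (nat_t or ipsec_over_tcp):
        needed.add(ESP)
    return needed


def audit(opened, **modes):
    """Compare opened rules with the required set; report gaps and surplus."""
    needed = required_openings(**modes)
    opened = set(opened)
    return {"missing": needed - opened, "unneeded": opened - needed}


# The port list from the original question, written as tuples for this example.
QUESTION_LIST = [("udp", 500), ("udp", 4500), ("udp", 10000)]

if __name__ == "__main__":
    for modes in ({"nat_t": True}, {"ipsec_over_tcp": True}, {}):
        print(modes or "plain IPsec", audit(QUESTION_LIST, **modes))
```

Anything reported under `unneeded` is an opening that can be closed for that mode; anything under `missing` will stop the tunnel from coming up.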
