07-14-2009 09:42 AM - edited 03-11-2019 08:54 AM
Does anyone know the ports which need to be open for a "ipsec-isakmp" vpn tunnel?
07-14-2009 10:01 AM
udp 500 for phase 1
eg: access-list ACL_NAME permit udp any host x.x.x.x eq 500
protocol ESP for phase 2.
eg: access-list ACL_NAME permit esp any host x.x.x.x
if nat-t is used, udp/tcp 10000 depending on your configuration. or whatever other port you configure for this.
07-14-2009 10:02 AM
Harrison
UDP 500 - ISAKMP
ESP 50 - IPSEC
Optionally -
ISAKMP NAT-Traversal - UDP 4500 (NAT-T)
IPSEC Over UDP - UDP 10000 (Default)
IPSEC Over TCP - TCP 10000 (Default)
Jon
07-14-2009 10:22 AM
eek..i can never rememeber 4500 for some reason.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: