Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
413
Views
0
Helpful
3
Replies

VPN Ports

HMidkiff
Level 1
Level 1

‎07-14-2009 09:42 AM - edited ‎03-11-2019 08:54 AM

Does anyone know the ports which need to be open for a "ipsec-isakmp" vpn tunnel?

Labels:
0 Helpful
3 Replies 3

srue
Level 7
Level 7

‎07-14-2009 10:01 AM

udp 500 for phase 1

eg: access-list ACL_NAME permit udp any host x.x.x.x eq 500

protocol ESP for phase 2.

eg: access-list ACL_NAME permit esp any host x.x.x.x

if nat-t is used, udp/tcp 10000 depending on your configuration. or whatever other port you configure for this.

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame

‎07-14-2009 10:02 AM

Harrison

UDP 500 - ISAKMP

ESP 50 - IPSEC

Optionally -

ISAKMP NAT-Traversal - UDP 4500 (NAT-T)

IPSEC Over UDP - UDP 10000 (Default)

IPSEC Over TCP - TCP 10000 (Default)

Jon

0 Helpful

srue
Level 7
Level 7
In response to Jon Marshall

‎07-14-2009 10:22 AM

eek..i can never rememeber 4500 for some reason.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card