Cisco Support Community
New Member

VPN Ports

Does anyone know the ports which need to be open for an "ipsec-isakmp" VPN tunnel?

3 REPLIES
Gold

Re: VPN Ports

UDP 500 for phase 1.

e.g.: access-list ACL_NAME permit udp any host x.x.x.x eq 500

Protocol ESP for phase 2.

e.g.: access-list ACL_NAME permit esp any host x.x.x.x

If NAT-T is used, UDP/TCP 10000 depending on your configuration, or whatever other port you configure for this.

Hall of Fame Super Blue

Re: VPN Ports

Harrison

UDP 500 - ISAKMP

ESP 50 - IPSEC

Optionally -

ISAKMP NAT-Traversal - UDP 4500 (NAT-T)

IPSEC Over UDP - UDP 10000 (Default)

IPSEC Over TCP - TCP 10000 (Default)

Jon

Gold

Re: VPN Ports

Eek... I can never remember 4500 for some reason.
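An added example, not from any poster in this thread: a small Python check that walks an ACL written in the "access-list ... permit/deny" form used above and reports, for each flow listed in the replies, whether the first matching entry permits it. It goes one step beyond the thread by modelling first-match ordering and the implicit deny, so a permit shadowed by an earlier deny is caught. The ACL name, the addresses and the function names are constructed for illustration, and only the "any" / "host" / "eq" syntax is parsed.

```python
import re

# Flows named in the replies above: label -> (protocol, destination port).
FLOWS = {
    "ISAKMP phase 1": ("udp", 500),
    "ESP phase 2": ("esp", None),
    "NAT-T": ("udp", 4500),
    "IPsec over UDP (default)": ("udp", 10000),
    "IPsec over TCP (default)": ("tcp", 10000),
}
PORT_NAMES = {"isakmp": 500, "non500-isakmp": 4500}  # IOS port keywords

ACE = re.compile(
    r"access-list\s+\S+\s+(?:extended\s+)?(permit|deny)\s+(\S+)\s+"
    r"(any|host\s+\S+)\s+(any|host\s+\S+)(?:\s+eq\s+(\S+))?\s*$")

def parse(acl_text):
    """Return entries in order as (action, proto, src, dst, port) tuples."""
    aces = []
    for line in acl_text.splitlines():
        m = ACE.match(line.strip())
        if not m:
            continue  # blank lines, remarks, or syntax this sketch does not cover
        action, proto, src, dst, port = m.groups()
        proto = "esp" if proto == "50" else proto.lower()
        if port is not None:
            port = PORT_NAMES.get(port, int(port) if port.isdigit() else port)
        aces.append((action, proto, src.split()[-1], dst.split()[-1], port))
    return aces

def verdict(aces, proto, port, src, dst):
    """First matching entry wins; no match means the implicit deny applies."""
    for action, a_proto, a_src, a_dst, a_port in aces:
        if (a_proto in (proto, "ip") and a_src in ("any", src)
                and a_dst in ("any", dst) and a_port in (None, port)):
            return action
    return "deny"

def audit(acl_text, remote, local):
    """Map each flow label to 'permit' or 'deny' for remote -> local traffic."""
    aces = parse(acl_text)
    return {label: verdict(aces, proto, port, remote, local)
            for label, (proto, port) in FLOWS.items()}

# Constructed sample ACL; 192.0.2.1 and 198.51.100.7 are documentation addresses.
SAMPLE_ACL = """
access-list OUTSIDE_IN permit udp any host 192.0.2.1 eq 500
access-list OUTSIDE_IN permit esp any host 192.0.2.1
access-list OUTSIDE_IN deny udp any any
access-list OUTSIDE_IN permit udp any host 192.0.2.1 eq 4500
"""
```

Calling audit(SAMPLE_ACL, "198.51.100.7", "192.0.2.1") shows the UDP 4500 permit never taking effect, because the broader UDP deny sits above it.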
