Solved: Ports used in IKE Phase 1

mahesh18 · ‎01-17-2014

Hi everyone,

Need to confirm during IKE Phase 1

we use port UDP 500

IKE Phase 2 we use ports

ESP -50

NAT-T UDP 4500

TCP-1000 ESP -50
NAT-T UDP 4500
TCP-1000

Regards

Mahesh

m.kafka · ‎01-19-2014

IKE phase 1 (main mode/aggressive mode) is udp src and dst 500

IKE phase 2 could be:

IP protocol 50 (ESP)
NAT-T is udp src (client) ephemeral dst (server) udp 4500
The tcp encapsulation found in the older VPN clients was src (client) ephemeral dst (server) tcp 10000 (10,000 in US resp. 10.000 in most of the other world)

m.kafka · ‎01-19-2014

IKE phase 1 (main mode/aggressive mode) is udp src and dst 500

IKE phase 2 could be:

IP protocol 50 (ESP)
NAT-T is udp src (client) ephemeral dst (server) udp 4500
The tcp encapsulation found in the older VPN clients was src (client) ephemeral dst (server) tcp 10000 (10,000 in US resp. 10.000 in most of the other world)

mahesh18 · ‎01-19-2014

Many thanks

Regards

MAhesh