Solved: port number- 1194 UDP

ashutosh.joshi1 · ‎07-11-2017

Hello,

We are using Cisco ASA 5525, we also using Anyconnect VPN client to connect users from home or other networks.

I was checking and iIgot that we don't need Anyconnect VPN client software, We can use any open VPN client software and can connect to the network.

I wanted to know that how we can stop these things and is it the bug or something else???

Aditya Ganjoo · ‎07-11-2017

Hi Ashutosh,

Are you using any Ikev1 remote access configuration on ASA?

When you say you can connect from open VPN clients are you using SSL or IKE ?

Regards,

Aditya

View solution in original post

Aditya Ganjoo · ‎07-11-2017

Hi Ashutosh,

Are you using any Ikev1 remote access configuration on ASA?

When you say you can connect from open VPN clients are you using SSL or IKE ?

Regards,

Aditya

ashutosh.joshi1 · ‎07-11-2017

Hey Aditya,

Yes we are using that.

Aditya Ganjoo · ‎07-11-2017

Hi Ashutosh,

In that case, you may need to remove/disable that if you are not using it on ASA?

Regards,

Aditya

ashutosh.joshi1 · ‎07-11-2017

We are using Ikev1 for our client. Is there any other way to do it ???

Aditya Ganjoo · ‎07-11-2017

Hi Ashutosh,

As per what I have seen ASA does not support OpenVPN clients, it will not work because OpenVPN uses SSL configuration not similar to Anyconnect.

Can you check which protocol is being used by OpenVPN to connect to ASA?

Regards,

Aditya

ashutosh.joshi1 · ‎07-11-2017

port number-

 1194 UDP

Aditya Ganjoo · ‎07-11-2017

In that case, you can disable this port on the outside interface of the ASA.

Anyconnect uses TCP/UDP 443 while IKEv1/Ikev2 used UDP 500/4500 on ASA.

Regards,

Aditya

ashutosh.joshi1 · ‎07-12-2017

After blocking 1194 Usp port also we able to access.

VPN Issue