What ports need to be open for an IPsec VPN client to work?

You will need to be certain that your firewall allows the following protocols inbound/outbound:

  • UDP port 500 (IKE, Internet Key Exchange)
  • IP Protocol 50 (ESP)
  • IP Protocol 51 (AH)

Also, you will need one of the following two:

  • UDP port 10000 (IPsec encapsulated in UDP) or
  • TCP port 443 (IPsec encapsulated in TCP)

If you are behind a device that performs NAT (Network Address Translation), you will need to be sure it handles IKE packets correctly (i.e. it should know not to change the source port on IKE packets). On Linksys routers you do this by checking the "IPSec Passthrough" option; most other firewalls know this protocol as well.

Opening these ports and protocols should allow any IPsec VPN client to work, including Cisco and Nortel clients.
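
A firewall can appear to satisfy the list above while still blocking the VPN, for example when a rule opens UDP port 50 instead of IP protocol 50. The following added example (not from the original page) checks a ruleset against those requirements; the iptables-save rule format, the function names and the sample rules are assumptions made for illustration.

```python
REQUIRED = [  # (label, protocol, destination port or None for portless protocols)
    ("IKE (UDP 500)", "udp", 500),
    ("ESP (IP protocol 50)", "esp", None),
    ("AH (IP protocol 51)", "ah", None),
]
ONE_OF = [  # at least one encapsulation option must be allowed
    ("IPsec over UDP (UDP 10000)", "udp", 10000),
    ("IPsec over TCP (TCP 443)", "tcp", 443),
]
PROTO_ALIASES = {"50": "esp", "51": "ah", "17": "udp", "6": "tcp"}  # numbers -> names

def parse_accepts(ruleset, chain="INPUT"):
    """Return the (protocol, dport) pairs ACCEPTed in `chain` (single ports only)."""
    allowed = set()
    for line in ruleset.splitlines():
        tokens = line.split()
        is_accept = tokens[:2] == ["-A", chain] and tokens[-2:] == ["-j", "ACCEPT"]
        if not is_accept or "-p" not in tokens:
            continue
        proto = tokens[tokens.index("-p") + 1].lower()
        proto = PROTO_ALIASES.get(proto, proto)
        dport = None
        if "--dport" in tokens:
            value = tokens[tokens.index("--dport") + 1]
            if not value.isdigit():  # port ranges are skipped in this example
                continue
            dport = int(value)
        allowed.add((proto, dport))
    return allowed

def missing_ipsec_rules(ruleset, chain="INPUT"):
    """List the requirements from the page that `chain` does not allow."""
    allowed = parse_accepts(ruleset, chain)
    def ok(proto, port):
        # A rule with no --dport allows every port of that protocol.
        return (proto, port) in allowed or (proto, None) in allowed
    missing = [label for label, proto, port in REQUIRED if not ok(proto, port)]
    if not any(ok(proto, port) for _, proto, port in ONE_OF):
        missing.append(" or ".join(label for label, _, _ in ONE_OF))
    return missing

# Constructed sample: the second rule opens UDP *port* 50, which is not ESP.
SAMPLE_RULES = """\
-A INPUT -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -p udp -m udp --dport 50 -j ACCEPT
-A INPUT -p 51 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
"""
print(missing_ipsec_rules(SAMPLE_RULES))
```

The check inspects one chain at a time; call it again with chain="OUTPUT" to cover the outbound direction.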

Source: Brown University Wiki