07-14-2009 09:42 AM - edited 03-11-2019 08:54 AM
Does anyone know the ports which need to be open for a "ipsec-isakmp" vpn tunnel?
07-14-2009 10:01 AM
udp 500 for phase 1
eg: access-list ACL_NAME permit udp any host x.x.x.x eq 500
protocol ESP for phase 2.
eg: access-list ACL_NAME permit esp any host x.x.x.x
if nat-t is used, udp/tcp 10000 depending on your configuration. or whatever other port you configure for this.
07-14-2009 10:02 AM
Harrison
UDP 500 - ISAKMP
ESP 50 - IPSEC
Optionally -
ISAKMP NAT-Traversal - UDP 4500 (NAT-T)
IPSEC Over UDP - UDP 10000 (Default)
IPSEC Over TCP - TCP 10000 (Default)
Jon
07-14-2009 10:22 AM
eek..i can never rememeber 4500 for some reason.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide