01-06-2018 06:22 PM - edited 03-12-2019 04:53 AM
I was told to open both IPsec phase 1 and phase 2 ports. May I know the command to open the ports? Thanks.
01-06-2018 07:41 PM
What device are you doing this on?
Generally speaking, you need to allow IP protocols 50 and 51 as well as UDP port 500.
01-06-2018 08:00 PM
01-06-2018 08:48 PM - edited 01-06-2018 08:49 PM
Right - the UDP 4500 is only necessary if there's a device between the tunnel endpoints doing NAT.
Protocol 50 - ESP (Encapsulating Security Protocol)
Protocol 51 - AH (Authentication Header)
udp/500 - ISAKMP (Internet Security Association and Key Management Protocol)
udp/4500 - NAT-T (Network Address Translation - Traversal)