I'm trying to build a site-to-site VPN using two 5520s. The two ASAs are sitting behind edge Cisco routers. To allow the ASAs to have a site-to-site VPN, what ports do I have to allow on the router to pass VPN traffic? I have to allow the remote FW IP to connect to the local FW IP. Ports 50, 51 and 500?
Yes, you got them all: IP ports 50 and 51 and UDP port 500. Also leave the ICMP ports opened between the IPs for the PathMTU Discovery.
Please rate if this helped.
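An added example, not part of the original thread: the inbound entries on the local edge router for the traffic listed in the answer, where 50 and 51 are the IP protocol numbers of ESP and AH and IKE uses UDP 500. The ACL name and both addresses (documentation-range placeholders) are assumptions; merge the entries into the ACL already applied inbound on the Internet-facing interface, and mirror them on the remote router.

```cisco
! Constructed placeholders, replace with the real outside addresses:
!   198.51.100.20 = remote ASA outside IP
!   203.0.113.10  = local ASA outside IP
! VPN-PEER-IN is a hypothetical ACL name.
ip access-list extended VPN-PEER-IN
 remark IKE (ISAKMP) negotiation, UDP port 500
 permit udp host 198.51.100.20 host 203.0.113.10 eq isakmp
 remark ESP, IP protocol 50
 permit esp host 198.51.100.20 host 203.0.113.10
 remark AH, IP protocol 51
 permit ahp host 198.51.100.20 host 203.0.113.10
 remark ICMP between the two peers for Path MTU Discovery
 permit icmp host 198.51.100.20 host 203.0.113.10
```

Scoping each entry to the two peer addresses keeps the router from passing these protocols from any other source. After the tunnel is brought up, `show ip access-lists VPN-PEER-IN` shows per-entry match counters, which confirms whether IKE and ESP are actually reaching the router.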