Description: If a VPN-Router or VPN-Client (PPTP/IPsec) is behind the firewall in a local area network, the following ports and protocols must be released for the VPN connection to be established and for payload data to be transmitted: LANCOM VPN-Router: - IKE negotiation = UDP 500 - ESP encapsulating security payload (protocol 50) or Optionally: - AH authentication header (protocol 51)
- UPD port 4500 must be activated when using NAT-T
- UPD port 87 must be activated when using Dynamic VPN
LANCOM Advanced VPN Client: - IKE negotiation = UDP 500 - ESP encapsulating security payload (protocol 50) or Optionally: - AH authentication header (protocol 51)
- UPD port 4500 must be activated when using NAT-T
Windows IPSec/PPTP function: - PPTP negotiation = TCP 1723 (GRE is forwarded automatically with this entry) - IKE negotiation = UDP 500 - GRE general routing encapsulation (protocol 47) - ESP encapsulating security payload (protocol 50) You can find a summary of ports and protocol numbers under www.iana.org |
|