Cisco vpn client

Hello,
am new here, have a qn that i need your help. Which port(s) is used to enable VPN client to run across a network perimeter? the issue is i am running a vpn client to connect to a remote partner but it doesnt go through my network, but when i run on a public internet it goes successfully. so i need to know the ports used by cisco vpn client so i can allow.

thanks much

Exaud

Hello Exaud

Welcome to the forum! Now the problem you are describing may indeed have to do with ports. Which ports are used depends on the setup of your Cisco VPN client. There are three possibilities:

  1. If you are doing simple NAT traversal, then you will be using UDP port 500 for IKE negotiation and IPSec data traffic will uses UDP port 4500.
  2. If you are doing IPSec over UDP, then you still use UDP port 500 for IKE negotiation but IPSec data traffic is tunnelled through a predefined UDP port. The default UDP port for this traffic is 10000.
  3. if you are doing IPSec over TCP, then both IKE negotiation and IPSec data traffic will use a single predefined TCP port. The default TCP port for this is 10000. This is the only instance in which both IKE and IPSec are in the same stream.

I hope this has been helpful!

Laz

1 Like