The Broadband Guide
search advanced
 forgot password?
FAQs Categories:

What ports does VPN use ?

Tags: , , , , , ,
There are different types of Virtual Private Networks (VPNs) that allow you to create a secure connection to another network over the Internet. Below is a list of the common VPN types, and the ports/protocols they use to communicate. This information can be used to allow those ports through firewalls and NAT routers, or troubleshoot such VPN connections.

PPTP (Point-to-Point Tunneling Protocol) VPN [RFC 2637] - commonly used to access a Microsoft Remote Access Server (RAS)
port 1723 TCP
GRE (Generic Routing Encapsulation, IP protocol=47)

L2TP (Layer Two Tunneling Protocol) VPN - an extension of PPTP often used with IPSec to establish a VPN.
port 1701 TCP
port 500 UDP
port 4500 UDP

IPSec (Internet Protocol Security) VPN
port 500 UDP (IKE negotiations)
port 4500 UDP (in the presence of NAT-T, Network Address Translation-Traversal)

Note: NAT-T is used with IPSec because any changes to IP addressing causes IKE to discard packets. IPSec may also need ESP (Encapsulated security Protocol, IP protocol 50), and AH (Authentication Header, IP protocol 51)

SSTP (Secure Socket Tunneling Protocol) VPN, a.k.a. SSL VPN - uses private key to encrypt data over a SSL connection
port 443 TCP

Note: may also use ports 465 (Secure SMTP), 993 (Secure IMAP), and 995 (Secure POP)

port 1194 TCP/UDP
port 443 TCP

Note: OpenVPN traffic can be hidden by forwarding just port 443 TCP in your NAT router/firewall instead of using teh default port 1194 TCP/UDP.

General Notes:
IP protocols quoted above, like 47 (GRE), 50 (ESP), 51 (AH) are IP protocol numbers, not port numbers inside TCP/UDP headers.

  Post your review/comments
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About