What ports does a VPN use?
There are different types of Virtual Private Networks (VPNs) that allow you to create a secure connection to another network over the Internet. Below is a list of the common VPN types, and the ports/protocols they use to communicate. This information can be used to allow those ports through firewalls and NAT routers, or troubleshoot such VPN connections.
PPTP (Point-to-Point Tunneling Protocol) VPN [RFC 2637] - commonly used to access a Microsoft Remote Access Server (RAS)
port 1723 TCP
GRE (Generic Routing Encapsulation, IP protocol=47)
L2TP (Layer Two Tunneling Protocol) VPN - an extension of PPTP often used with IPSec to establish a VPN.
port 1701 TCP
port 500 UDP
port 4500 UDP
IPSec (Internet Protocol Security) VPN
port 500 UDP (IKE negotiations)
port 4500 UDP (in the presence of NAT-T, Network Address Translation-Traversal)
Note: NAT-T is used with IPSec because any changes to IP addressing cause IKE to discard packets. IPSec may also need ESP (Encapsulated Security Protocol, IP protocol 50) and AH (Authentication Header, IP protocol 51).
SSTP (Secure Socket Tunneling Protocol) VPN, a.k.a. SSL VPN - uses a private key to encrypt data over an SSL connection
port 443 TCP
Note: may also use ports 465 (Secure SMTP), 993 (Secure IMAP), and 995 (Secure POP)
OpenVPN
port 1194 TCP/UDP
port 443 TCP
Note: OpenVPN traffic can be hidden by forwarding just port 443 TCP in your NAT router/firewall instead of using the default port 1194 TCP/UDP.
IP protocols quoted above, like 47 (GRE), 50 (ESP), 51 (AH) are IP protocol numbers, not port numbers inside TCP/UDP headers.
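This distinction matters when troubleshooting from a packet capture: GRE, ESP and AH have to be matched on the protocol field of the IP header, while PPTP control and IKE are matched on a TCP/UDP port. The Python code below is an added example, not part of the original page; it covers only the PPTP and IPSec entries, and the function names classify and build and the sample packets are constructed for illustration.

```python
import struct

# IPv4 "protocol" field values from the list above: these carry no port.
IP_PROTOCOLS = {47: "GRE (PPTP data)", 50: "ESP (IPSec)", 51: "AH (IPSec)"}
# (IP protocol, TCP/UDP port) pairs from the list above; 6 = TCP, 17 = UDP.
PORTS = {(6, 1723): "PPTP control", (17, 500): "IKE (IPSec)",
         (17, 4500): "IPSec NAT-T"}

def classify(packet: bytes) -> str:
    """Label a raw IPv4 packet using the PPTP and IPSec entries only."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "not IPv4"
    ihl = (packet[0] & 0x0F) * 4           # header length; options make it > 20
    if ihl < 20 or len(packet) < ihl:
        return "malformed header"
    proto = packet[9]                      # byte 9 is the IP protocol number
    if proto in IP_PROTOCOLS:
        return IP_PROTOCOLS[proto]         # matched on protocol, never on a port
    if proto not in (6, 17):
        return "other"
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return "non-first fragment"        # no TCP/UDP header to read
    if len(packet) < ihl + 4:
        return "truncated"
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    # Check both directions so replies from the VPN server match too.
    return PORTS.get((proto, dport)) or PORTS.get((proto, sport)) or "other"

def build(proto: int, payload: bytes = b"", options: bytes = b"") -> bytes:
    """Constructed sample packet (documentation addresses, checksum left 0)."""
    ihl = 5 + len(options) // 4
    header = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0,
                         ihl * 4 + len(payload), 0, 0, 64, proto, 0,
                         bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return header + options + payload

if __name__ == "__main__":
    samples = [
        build(47),                                    # GRE, IP protocol 47
        build(6, struct.pack("!HH", 49152, 1723)),    # TCP to port 1723
        build(6, struct.pack("!HH", 49152, 47)),      # TCP to *port* 47
        build(17, struct.pack("!HH", 4500, 51000), b"\x01\x01\x01\x00"),
    ]
    for pkt in samples:
        print(classify(pkt))
```

A firewall rule written as "TCP port 47" or "UDP port 50" matches the third sample's kind of traffic, not GRE or ESP, which is why such rules leave PPTP and IPSec tunnels broken.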