VPN Ports used 2

GettingIPO

IS-IT--Management
Jul 28, 2004
Hi there, does anyone know which ports are used on a VPN between XP Pro and Server 2003?
 
Standard port usage is 1723 for PPTP. You might also need to configure your router for PPTP Passthrough. Port usage for IPSec is 500, 50-51. These ports will have to be forwarded to the VPN server's IP.
 
Yes, PPTP would use port 1723 and protocol 40 (I believe). And IPSec would use port 500 and protocols 50 & 51.

Computer/Network Technician
CCNA
 
If I'm having an IPSEC issue, as with some routers, I usually only have to enable port 500. What's this "protocol" port 50 & 51 you're talking about?

<pardon my lack of knowledge in this area>

~cdogg
"Insanity: doing the same thing over and over again and expecting different results." - Albert Einstein
For general rules and guidelines to get better answers, click here: faq219-2884
 
This would require IPSec Passthrough on a router that supports VPN passthrough.

Protocol 50 & 51 are two protocols used in IPSec VPN Encryption and Communication.

Remember that a port is something that a protocol needs to be able to access your system, while a protocol is a set of rules governing how data works.

IP, TCP, UDP, ICMP are all examples of protocols.

Now, just as TCP/IP is the de facto standard of IPv4, IPSec is the de facto standard requirement of IPv6. Protocol 50 & 51 are part of the IPSec suite of protocols to encrypt and secure the data payload and headers.

IPv4 would be comparable to IPv6
TCP/IP is comparable to IPSec
TCP and IP would be comparable to Protocols 50 & 51

That's how you'd look at it in a layered approach.

Computer/Network Technician
CCNA
 
Great, thanks for that! I didn't realize that protocols carried a numerical classification. I guess I was confusing that number with port numbers...

~cdogg
"Insanity: doing the same thing over and over again and expecting different results." - Albert Einstein
For general rules and guidelines to get better answers, click here: faq219-2884
 
Yes, that's why some routers do not work with VPN, as they do not know how to handle these protocols.

Computer/Network Technician
CCNA
 
Hence, the IPSEC Passthrough setting...gotcha!
 
Aha, it's protocol 47, not 40, that PPTP uses.

But alas it's all there.

Routing and Remote Access
The Routing and Remote Access service provides multiprotocol LAN-to-LAN, LAN-to-WAN, VPN, and NAT routing services. Additionally, the Routing and Remote Access service also provides dial-up and VPN remote access services. Although Routing and Remote Access can use all the following protocols, the service typically uses only a subset of them. For example, if you configure a VPN gateway that lies behind a filtering router, you will probably use only one technology. If you use L2TP with IPsec, you must allow IPsec ESP (IP protocol 50), NAT-T (TCP on port 4500), and IPsec ISAKMP (TCP on port 500) through the router.

Note: Although NAT-T and IPsec ISAKMP are required for L2TP, these ports are actually monitored by the Local Security Authority. For additional information about this, see the "References" section of this article.

System service name: RemoteAccess
Application protocol       | Protocol | Ports
GRE (IP protocol 47)       | GRE      | n/a
IPsec AH (IP protocol 51)  | AH       | n/a
IPsec ESP (IP protocol 50) | ESP      | n/a
L2TP                       | UDP      | 1701
PPTP                       | TCP      | 1723

Computer/Network Technician
CCNA
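
The distinction this thread arrives at, IP protocol numbers versus TCP/UDP port numbers, shown as an added example that is not part of any post above. It classifies raw IPv4 packets using only the rows of the table quoted in the last post; the function names, sample addresses and packets are constructed for illustration.

```python
import struct

# Rows of the table quoted in the last post.
PORTLESS = {47: "GRE (PPTP data)", 50: "IPsec ESP", 51: "IPsec AH"}
PORT_BASED = {(6, 1723): "PPTP control", (17, 1701): "L2TP"}
TRANSPORT = {6: "TCP", 17: "UDP"}

def classify(packet: bytes) -> str:
    """Classify a raw IPv4 packet by IP protocol number and, if it has one, destination port."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # IP header length in bytes, options included
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    proto = packet[9]                     # 8-bit Protocol field in the IP header
    if proto in PORTLESS:
        # GRE, ESP and AH sit directly on IP: there is no port to forward.
        return f"{PORTLESS[proto]}: IP protocol {proto}, no port field"
    if proto in TRANSPORT:
        if len(packet) < ihl + 4:
            raise ValueError("truncated transport header")
        # TCP and UDP both begin with source port, destination port (16 bits each).
        _sport, dport = struct.unpack_from("!HH", packet, ihl)
        name = PORT_BASED.get((proto, dport), "other")
        return f"{name}: {TRANSPORT[proto]} port {dport}"
    return f"other: IP protocol {proto}"

def build_ipv4(proto: int, payload: bytes) -> bytes:
    """Constructed sample: minimal 20-byte IPv4 header (checksum left at 0) plus payload."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    return header + payload

def ports(src: int, dst: int) -> bytes:
    """Constructed transport header stub: the two port fields followed by zero padding."""
    return struct.pack("!HH", src, dst) + b"\x00" * 16

# Constructed samples, one per row of the table.
SAMPLES = [
    build_ipv4(6, ports(49152, 1723)),
    build_ipv4(47, b"\x00" * 8),
    build_ipv4(50, b"\x00" * 8),
    build_ipv4(51, b"\x00" * 12),
    build_ipv4(17, ports(1701, 1701)),
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(classify(pkt))
```

A UDP packet addressed to port 50 is classified as "other", not as ESP, which is why a port-forwarding rule for "port 50" does nothing for IPsec and a router needs a passthrough setting instead.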
 