VPN Ports

[ASaager]

just out of interest, waht ports need to be open for a standard vpn connection?

 

[Tomasykes]

For 'standard' PPTP VPN, TCP/IP port 1723 and Protocol 47 needs to be enabled.

 

[breader]

you may also need 137, 138, 139

 

[Ntr0P]

The SMB ports (137-139) wouldn't be needed. They will traverse the tunnel.

The port and IP protocol Tomasykes mentioned will work for PPTP.

For IPSec, you will need UDP port 500 and IP protocols 50 (ESP) and 51 (AH).

Remember IP protocols are not the same as ports. I've seen a lot of people confused by that. The IP protocol number defines the higher level protocol. For instance, TCP is IP protocol 6 and UDP is IP protocol 17.

 

[bilebalar]

NtrOP,

how can you make VPN work without 137 - 139??? can you give me some pointer??? 137 - 139 recently got blocked so i can create my vpn tunnel, but i can't access any shares.

please help!!!

thanks.

 

[Ntr0P]

You don't need ports 137-139 to create the tunnel is all I'm saying. Once the tunnel is created the SMB traffic destined for the remote subnet(s) will traverse the tunnel.

If you have established the tunnel and are still having problems with passing SMB traffic, there are other issues. The first thing to troubleshooting that issue is going to be figuring out where/how/why it is blocked. Is it an ACL or is there another issue?

 

[bilebalar]

i know it doesn't take 137-139 to create the tunnel. but i need that to do name resolution to locate shares on the server. the ports are blocked by our campus router.

thanks.