• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 651
  • Last Modified:

Ports needed to be opened

I am planning on deploying a SonicWall TZ150 to create an IPSec VPN and would like to know what ports need to be opened on a firewall to allow the VPN to connect. I am installing this solution on a Government facility and need to reqest the correct ports to be opened. I tried to install the device on the network last week and it would not connect. It would allow communication through port 80 but it looked like the problem was UPD port 500 but I want to make sure what ports I need to request to be opened.
0
Tim
Asked:
Tim
  • 2
1 Solution
 
getzjdCommented:
you are using the tz150 as an endpoint?  If so, just check the box "enable VPN" and configure the vpn.

Or is there an endpoint behind the tz150?
0
 
SteveH_UKCommented:
I don't know about the particular device you are using, but for IPsec VPNs to work you need the following:

IPsec generally needs UDP 500 for IKE (Internet Key Exchange).  You will also need AH (Authentication Header) and ESP (Encapsulated Security Payload) IP protocols to be allowed (51 and 50).  You may also need IPsec NAT-T which is UDP 4500.

Finally, it is often necessary to allow fragmented IP packets, as encrypted packets are often big.

0
 
SteveH_UKCommented:
Thanks for the points :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now