<div>
The source port is randomly assigned to allow multiple connections from one system to another.<br />
The destination port is how ANY client can find a server. ie. 80 = HTTP (web server), 443 = HTTPS (Webserver), 25 = SMTP (e-mail) etc. etc.<br />
<br />
Binding to a source port CAN be done, but it also limits the connection 1 on 1 between two systems.<br />
A browser already opens 4+ connections to collect various resources from a server (HTTP/1.0 &amp;&nbsp;HTTP/11.) &nbsp;that would not be possible with bound connections.
</div>


<div>
Thanks Noci. So does that mean if I know the destination port, I should be able to lock down the VPN to that port? Or, will I have to keep it to 'ANY' as the source ports always change coming inbound and therefore I can't lock it down?
</div>


Yashy

<div>
^^ 100% correct :)<br />
<br />
What firewall is it? I tend to use Cisco ASA. then I can do a packet-capture and find out exactly what ports need to be open :)
</div>


<div>
<div class="content wysiwyg-content">
Hi guys<br />
<br />
We have an application on our work premises that people externally use VPN to access. The port has been set to 'ANY'. However, if I wanted to lock this port down, I have some issues as there is no documentation on what the ports are. When I look at the firewall logs, I can see that the source port always changes but the destination port stays the same. What does this mean if the source port changes but the destination port is the same? I assume the destination port is the port on the application on our side and therefore we can lock the VPN ports down to this destination port?<br />
<br />
Thanks for helping<br />
Yashy
</div>
</div>


Hi guys

We have an application on our work premises that people externally use VPN to access. The port has been set to 'ANY'. However, if I wanted to lock this port down, I have some issues as there is no documentation on what the ports are. When I look at the firewall logs, I can see that the source port always changes but the destination port stays the same. What does this mean if the source port changes but the destination port is the same? I assume the destination port is the port on the application on our side and therefore we can lock the VPN ports down to this destination port?

Thanks for helping
Yashy

Locking down VPN ports for application being used....

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.

SSL / HTTPS

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.