Networking, Firewall Ports Used for VPN Connections

This page contains information about which network ports must be permitted to pass through your computer and/or network firewall in order to establish a VPN connection.

If you run a firewall, it is imperative that the firewall rules allow the VPN traffic to pass in order to make a successful connection between your computer and the VPN server. Many firewalls are not configured to pass VPN traffic by default; you may need to reconfigure them yourself in order to permit the VPN connection.

This document cannot provide configuration instructions for the various manufacturers' firewalls. However, some general guidelines apply.

Control by host name or IP address

If your firewall controls access by identifying computers rather than by identifying ports, you should configure your firewall to allow trusted communication with the VPN server.

If your software asks for a "host name" or "site", enter vpn.cites.illinois.edu.

If your software asks for an "IP address" and allows CIDR notation, enter all of the networks (if possible):

  • 192.17.55.8/29
  • 192.17.88.24/30
  • 192.17.88.30/30

If you can't enter CIDR notation (for example, 192.17.55.8/29) but can specify more than one IP address, enter:

  • 192.17.55.12
  • 192.17.88.26
  • 192.17.88.30
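
Before entering these values in a firewall, it can help to see what each CIDR entry actually covers. The following is an added example, not part of the original document: it uses Python's standard ipaddress module to normalize each entry from the lists above to its block boundary and to confirm that every single address falls inside one of the listed networks. The function names are illustrative. A firewall that parses CIDR strictly may reject an entry whose address part is not the first address of its block, which is the case for 192.17.88.30/30.

```python
import ipaddress

# Values copied from the two lists above.
CIDR_ENTRIES = ["192.17.55.8/29", "192.17.88.24/30", "192.17.88.30/30"]
SINGLE_HOSTS = ["192.17.55.12", "192.17.88.26", "192.17.88.30"]


def normalize(entry):
    """Return (network, was_aligned) for one CIDR entry.

    was_aligned is False when the entry has host bits set, i.e. the
    address part is not the first address of the block.
    """
    try:
        return ipaddress.ip_network(entry, strict=True), True
    except ValueError:
        # Re-parse leniently; a malformed entry still raises here.
        return ipaddress.ip_network(entry, strict=False), False


def audit(cidrs, hosts):
    """Map each host to the normalized networks that contain it."""
    nets = [normalize(c)[0] for c in cidrs]
    return {h: [str(n) for n in nets if ipaddress.ip_address(h) in n]
            for h in hosts}


def report(cidrs, hosts):
    """Build one human-readable line per CIDR entry and per host."""
    lines = []
    for c in cidrs:
        net, aligned = normalize(c)
        note = "ok" if aligned else f"host bits set, enter as {net}"
        lines.append(f"{c:<18} {net[0]} - {net[-1]}  "
                     f"({net.num_addresses} addrs)  {note}")
    for h, nets in audit(cidrs, hosts).items():
        lines.append(f"{h:<18} covered by {', '.join(nets) or 'NOTHING'}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(CIDR_ENTRIES, SINGLE_HOSTS)))
```
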

Control by ports and protocols

Some firewalls require specific details about what ports and protocols should be permitted. The ports and protocols that are required for VPN traffic are:

Service        Port
SSL (HTTPS)    443 (TCP)
IPsec          500 (UDP), 4500 (UDP), 10000 (UDP and TCP)

 




Keywords: VPN, firewall ports, off campus access
Doc ID: 47667
Owner: Debbie F.
Group: University of Illinois Technology Services
Created: 2015-02-26 12:37 CST
Updated: 2017-10-02 10:09 CST
Sites: University of Illinois Technology Services