Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

What port(s) does VPN use ?

2 views
Skip to first unread message

Stuart Mackie

unread,
Jan 8, 2002, 2:53:02 PM1/8/02
to
I have setup a RAS server and would like to test remote VPN connections. It
has just occurred to me that I don't know what port VPN uses to open on my
firewall. I've had a quick look at the MS site but couldn't find it listed.

Can anyone tell me what ports I will need to open for VPN ?

Thanks,
Stuart.

Ben Smith [MS]

unread,
Jan 8, 2002, 3:08:53 PM1/8/02
to
In article <utpBM5HmBHA.1516@tkmsftngp07>, m...@stu.uk.com says...

This should help. http://support.microsoft.com/default.aspx?scid=kb;EN-
US;Q289241

The one thing this KB does not mention is that PPTP also uses GRE
(Protocol 47).

--
Ben Smith
Microsoft Training and Certification

This posting is provided “AS IS” with no warranties, and confers no
rights.

Ray Collins

unread,
Jan 8, 2002, 6:19:31 PM1/8/02
to
If you are using PPTP then TCP Port 1723 and IP Protocol ID 47 (GRE -
Generic Routing Encapsulation) should be allowed to pass through.

If you are using L2TP then you need to open UDP port 500 (IKE), Protocol ID
50 (IPSec ESP) and Protocol ID 51 (IPSec AH).

HTH

"Stuart Mackie" <m...@stu.uk.com> wrote in message
news:utpBM5HmBHA.1516@tkmsftngp07...

Stuart Mackie

unread,
Jan 8, 2002, 6:41:21 PM1/8/02
to
Thanks for the info, I'm using PPTP. 1 quick question. Whats the best
option between PPTP and L2TP for general use ? Soryr if this is too vague
:o)

Thanks,
Stuart.

"Ray Collins" <Ray.Coll...@Bigpond.com> wrote in message
news:uCWHwrJmBHA.2440@tkmsftngp07...

Ray Collins

unread,
Jan 8, 2002, 6:59:36 PM1/8/02
to
A quick vague answer :-)

If you use PPTP then your Microsoft client OS can be any of these:-
Windows XP, Windows 2000, Windows NT version 4.0, Windows ME, Windows 98,
Windows 95 (with the Windows Dial-Up Networking 1.3 or later Performance &
Security Update)

If you use L2TP/IPSec then you can use these :-
Windows XP, Windows 2000

For L2TP connections, a computer certificate must be installed on the VPN
client computer to provide authentication for establishing an IPSec security
association.

L2TP can be a lot of administrative hassle so you should have good reasons
to use it.

HTH


"Stuart Mackie" <m...@stu.uk.com> wrote in message

news:ue7Tx4JmBHA.1868@tkmsftngp03...

Ben Smith [MS]

unread,
Jan 8, 2002, 7:24:18 PM1/8/02
to
In article <#rFmJCKmBHA.1804@tkmsftngp03>, Ray.Coll...@Bigpond.com
says...

> A quick vague answer :-)
>
> If you use PPTP then your Microsoft client OS can be any of these:-
> Windows XP, Windows 2000, Windows NT version 4.0, Windows ME, Windows 98,
> Windows 95 (with the Windows Dial-Up Networking 1.3 or later Performance &
> Security Update)
>
> If you use L2TP/IPSec then you can use these :-
> Windows XP, Windows 2000
>
> For L2TP connections, a computer certificate must be installed on the VPN
> client computer to provide authentication for establishing an IPSec security
> association.
>
> L2TP can be a lot of administrative hassle so you should have good reasons
> to use it.
>
> HTH
>

Just a couple of notes...

IPsec with ESP also cannot be used if the connection must cross a NAT
router.

We are current beta testing an L2TP/IPSec client for Windows 98/NT 4.0.
See http://www.microsoft.com/vpn for more information.

Stuart Mackie

unread,
Jan 8, 2002, 7:33:10 PM1/8/02
to
Ok stick with PPTP :o) I'm only using it at home hehe.

Is it possible to connect on anything other than MS o/s's ? e.g. linux ?

Thanks,
Stuart.

"Ray Collins" <Ray.Coll...@Bigpond.com> wrote in message

news:#rFmJCKmBHA.1804@tkmsftngp03...

sew2

unread,
Jan 8, 2002, 8:40:09 PM1/8/02
to
Try searching for poptop. it is a linux pptp server

"Stuart Mackie" <m...@stu.uk.com> wrote in message
news:OGy3uVKmBHA.696@tkmsftngp05...
0 new messages