cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Client VPN Firewall Ports

SOLVED
Highlighted
Here to help

Client VPN Firewall Ports

Hey All,

 

I won't feel bad if you flame me with a RTFM, but does anyone know off hand which ports one would have to open on a firewall sitting in front of a Hub MX to let Meraki ClientVPN traffic (L2TP/IPSEC) through to said Hub?

 

UDP 500, UDP 4500, ESP 50, AH 51...? anything else, or not one of these?

 

Thanks,

 

rif

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Kind of a big deal

Re: Client VPN Firewall Ports

TShoot doc

 

https://documentation.meraki.com/MX/Client_VPN/Troubleshooting_Client_VPN#Resolving_NetBIOS_names_ov...

Darren O'Connor | uccert.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

View solution in original post

5 REPLIES 5
Highlighted
Kind of a big deal

Re: Client VPN Firewall Ports

UDP 500 and 4500

Darren O'Connor | uccert.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Highlighted
Kind of a big deal

Re: Client VPN Firewall Ports

TShoot doc

 

https://documentation.meraki.com/MX/Client_VPN/Troubleshooting_Client_VPN#Resolving_NetBIOS_names_ov...

Darren O'Connor | uccert.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

View solution in original post

Highlighted
Here to help

Re: Client VPN Firewall Ports

Thanks man now i'll RTFM 😉

 

rif

Highlighted
Kind of a big deal

Re: Client VPN Firewall Ports

🤣😂 no worries @rafaelertel . Enjoy, it’s an excellent read

Darren O'Connor | uccert.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Highlighted
Conversationalist

Re: Client VPN Firewall Ports

Today I had the same issue.

Port Forwarding UDP 500 and UDP 4500 to the inside LAN-adres of the hub will do.

Advise: test your Client VPN with a iPad or iPhone. This worked for me, immediately.

With the Apple clients you will see UDP 500 and UDP 4500 is okay.

MS Windows has problems with NAT-T (NAT Traversal) for ages.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.