Changing IPsec VPN Ports
-
Dear all,
there is a way to change the IPsec ports (500 and 4500) ? Because my ISP is blocking this ports.
Please Advise! -
Use OpenVPN, you can define the server port.
Andy
1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22
-
@NogBadTheBad OpenVPN site to site has many problem and very long troubleshooting instructions to do MTU, mmfix, ping delay, packet loss ..... etc
That’s why want to switch to IPsec -
You can't change the IPSec ports.
-
@NogBadTheBad said in Changing IPsec VPN Ports:
IPSec ports
Why? This is theoretically possible.
https://wiki.strongswan.org/projects/strongswan/wiki/StrongswanConf
charon.port 500 UDP port used locally. If set to 0 a random port will be allocated. charon.port_nat_t 4500 UDP port used locally in case of NAT-T. If set to 0 a random port will be allocated. Has to be different from charon.port, otherwise a random port will be allocated. -
If you want to go ahead hacking the code about feel free, it will break when pfSense is updated.
Much easier to run OpenVPN.
Maybe run IPSec over a GRE / GIF Tunnel.
-
Thanks all for your kind replies appreciated
