Ike Port
All Replies
-
Normally, you would not want to change the UDP port number unless it is already in use in your network. Existing port numbers are like identifiers to make it easy for devices and software to identify the traffic packets.
If you change the numbers on both sides, it might work, but there is no absolute guarantee that it will work as intended. You are more on your own when you use custom numbers.
0 -
IKE and the port it uses can't be changed services just list some default used ports for given things to allow by firewall like if you change HTTP port 80 to some other port you have not changed how traffic goes out.
If your ISP is blocked UDP 500, 4500 and protocol 50 theirs not much you can do, can Zyxel add changes to allow a change in ports for VPN yes but will they is another question.
Ways around this problem is costly by another USG at either end by double NAT or bridge (but likely your ISP blocks protocol 50 so one end would have to be double NAT) with a NAT rule to static IP's
This is how both ends would need and then both need a NAT rule to change the port back to what it would use.
the above works to change DNS port 53 to 443 to Open DNS be handy if Zyxel added FQDN (not WILDCARD) support in NAT
1
Master Member
Guru Member
Categories
- All Categories
- 397 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.2K Security
- 96 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 921 WirelessLAN
- 35 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 950 Nebula FAQ
- 425 Security FAQ
- 238 Switch FAQ
- 207 WirelessLAN FAQ
- 47 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight
