Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 33673 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IKE UDP Port seems to be blocked

Fadzlee Yasin

If you guys having this issue, I have solid answer base on my environment.

For those using RemoteIPSec via sophos connect and having issue with: IKE UDP port block, that means you try to establish the connection with 4G external/modem or router. To solve this, login to the portable modem/router and go to port forwarding/virtual host. Add the port number to allow UDP (500 & 4500). Point the connection to the interface IP of your firewall. Thats pretty much it. You should able to connect without the issue.



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for taking the time to share your observation. In most cases, the IKE UDP port is blocked by the upstream device(ISP). You can verify this by running a packet capture on the firewall while trying to connect a remote user using IPsec remote access(Sophos Connect Client). If you don't see any traffic on the firewall on the source public IP address on port UDP 500, meaning the remote user's ISP blocks the port.

    Thanks,

  • 0 in reply to FormerMember

    I agree on that. But most cases, ISP just said they allow everything. Hard to drag the ISP on this issue since we start using best effort Internet now to use IPSec VPN (cheap). if you are using leased line or dedicated that is different case.

Unfiltered HTML