Skip navigation

Which ports do you need to open on a firewall to allow PPTP and L2TP over IPSec VPN tunnels?

A. To enable VPN tunnels between individual host computers or entire networks that have a firewall between them, you must open the following ports:


  • To allow PPTP tunnel maintenance traffic, open TCP 1723.
  • To allow PPTP tunneled data to pass through router, open Protocol ID 47.

L2TP over IPSec

  • To allow Internet Key Exchange (IKE), open UDP 500.
  • To allow IPSec Network Address Translation (NAT-T) open UDP 5500.
  • To allow L2TP traffic, open UDP 1701.

Learn more: Enabling a Windows Firewall Exception for Port 445

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.