Networking, Firewall Ports Used for VPN Connections
If you run a firewall, it is imperative that the firewall rules allow the VPN traffic to pass in order to make a successful connection between your computer and the VPN server. Many firewalls are not configured to pass VPN traffic by default; you may need to reconfigure them yourself in order to permit the VPN connection.
This document cannot provide configuration instructions for the various manufacturers' firewalls. However, some general guidelines apply.
Control by host name or IP address
If your firewall controls access by identifying computers rather than by identifying ports, you should configure your firewall to allow trusted communication with the VPN server.
If your software asks for a "host name" or "site", enter vpn.illinois.edu.
If your software asks for an "IP address" and allows CIDR notation, enter all of the networks (if possible):
- 192.17.88.28/30
- 128.174.81.152/30
- 2620:0:e00:17::/64
- 2620:0:e00:4e::/64
If you can't enter the CIDR notation (such as 192.17.88.28/30) but can specify more than one IP address, enter:
- 192.17.88.30
- 128.174.81.154
- 2620:0:e00:17::2
- 2620:0:e00:4e::2
Control by ports and protocols: List below
Some firewalls require specific details about what ports and protocols should be permitted. The ports and protocols that are required for VPN traffic are:
Service | Port | Required? |
---|---|---|
SSL (HTTPS) | 443 (TCP) | Yes |
DTLS (SSL over UDP) | 443 (UDP) | No |