What Port Does A VPN Use?


What Port Does A VPN Use?

Internet access can often be limited due to restrictions a public network faces. Turning on VPNs helps us access any of the online resources unavailable on the public network. However, some ports need to be open for VPN traffic to flow while some open ports can be a security risk. So, let’s see what ports a VPN needs.

The kind of port a VPN uses depends on the protocol and connection type. A PPTP VPN uses TCP 1723 port, L2TP and IPsec use UDP 500 and UDP 4500 ports, and SSTP and OpenVPN commonly use the TCP 443 port.

Virtual Private Networks (VPNs) allow access to online resources that would otherwise require access to a public network over a private network. We will discuss the kind of ports that should be open for VPN depending on which connection type and what sort of VPN you are using.

What Is A VPN Port Number?

A port number shows what is used to identify a specific network message that is forwarded to the server in use. Depending on the type of service, the two common ports are UDP and TCP.

TCP (Transmission Control Protocol) Ports are more reliable since they establish a secure connection before sending the data.

UDP (User Datagram Protocol) Ports give a faster connection since it quickly sends data packets without establishing a connection.

How To Find The VPN Port?

Knowing your port number can be helpful for setting up firewalls and for giving an app some certain permissions. While the VPN is in use, you can use the command prompt to find the port your VPN is using.

Finding The Port Number On A Windows

For a windows device, run the command prompt as an admin. Run the following commands to see a list of port numbers:

  • ipconfig
  • netstat -a

Finding The Port Number On A Mac

On a Mac device, you have to first launch the System Preferences. Navigate to Network > Advanced. From there, click the Port Scan tab and enter the IP address you want to scan.

What Port Does A VPN Use?

A VPN may use a variety of ports depending on the type of connection it uses. So it is important to know what type of connection your VPN uses in order to find out which ports the VPN should have access through.

Open VPN

Open VPN can use the TCP or UDP protocols on ports 1194. Besides, the IPVanish software requires TCP port 443 for the network traffic.

Secure Socket Tunneling Protocol (SSTP)

Also known as Secure Sockets Layer (SSL), this type of connection requires TCP port 443. This VPN type uses a private key which encrypts data transferred over the SSTP connection. It may also use other secure ports, which are the 465 Secure SMTP, 993 Secure IMAP, and 995 Secure POP.

Point-to-Point Tunneling Protocol (PPTP)

VPNs on PPTP protocol use TCP port 1723 or the IP protocol 47 Generic Routing Encapsulation (GRE). The benefit of PPTP is that it offers a low-cost private connection. It is mostly useful for those who work from home or travel a lot while needing to use their corporate networks. This VPN connection also gives access to a Microsoft Remote Access Server (RAS).

Internet Protocol Security (IPSec)

VPNs on the IPSec connection changes ports depending on some specific factors:

  • IP protocol 50 is used for Encapsulated Security Protocol (ESP)
  • IP protocol 51 is needed for Authentication Header (AH)
  • For IKE Phase 1 and Phase 2 negotiations, UDP port 500 is used
  • UDP ports 500 and 4500 are used when NAT-T is used for IKE Phase 1 and Phase 2 negotiations

Layer Two Tunneling Protocol (L2TP)

For L2TP, VPN ports used are the UDP port 1701.  LT2P is an extension of the PPTP and is mostly used with IPSec for establishing a Virtual Private Network (VPN).

Which Port Does My VPN Use?

In case you are not aware how to check your network ports in order to establish a VPN connection, I have made a list of the ports the few most popular VPN providers use.

ExpressVPN

An ExpressVPN connection will automatically connect to an Open VPN through a UDP 1194 port. UDP gives you a much faster internet speed. However, for an unsafe public network, ExpressVPN allows you to change the port to a TCP 1194.

NordVPN

NordVPN lets you connect through OpenVPN over both the TCP 443 and UDP 1194 ports. It is important to note that an open UDP port 53 can corrupt the VPN connection.

SurfShark VPN

TCP Port 443 is used on a SurfShark VPN. While some other VPNs allow you to change the ports, this VPN provider restricts any port forwarding with the users’ security in mind.

Common VPN Ports

In case you are not aware of which specific port your VPN uses, you can keep some ports open on the firewall in order to let the VPN traffic flow. I have listed the most common VPN connection types along with their relevant ports and protocols:

VPN ConnectionProtocolPort

Open VPN
UDP1194
TCP1194
SSTPTCP443

PPTP
TCP1723
GRE (Proto 47) N/A
L2TPUDP1701
L2TP with IPSecUDP1701
 UDP500
UDP4500


IPSec
UDP500
UDP4500
ESP (Proto 50)  N/A  
AH (Proto 51)N/A  
IKEv2UDP500
UDP4500

Unsafe VPN Ports

While the VPN ports we talked about so far are important for VPN access, some ports can be a risk to the network. These ports can be vulnerable to attacks and thus unsafe to use.

If you are allowing your VPN to use specific ports, it is important to avoid the following:

  • TCP Port 21
  • TCP Port 23
  • TCP Port 80
  • TCP/UDP Port 53
  • TCP Port 1080
  • TCP Port 4444

Knowing which port your VPN uses gives an easy solution to any network problems you may run into. Ensuring the required port is open and the unsafe ones are closed, is thus, important for the VPN traffic to flow abruptly.

Mark Lewis

Security nerd with a Data Privacy First mindset!

Recent Posts