What Port Does A VPN Use?
Internet access can often be limited due to restrictions a public network faces. Turning on VPNs helps us access any of the online resources unavailable on the public network. However, some ports need to be open for VPN traffic to flow while some open ports can be a security risk. So, let’s see what ports a VPN needs.
The kind of port a VPN uses depends on the protocol and connection type. A PPTP VPN uses TCP 1723 port, L2TP and IPsec use UDP 500 and UDP 4500 ports, and SSTP and OpenVPN commonly use the TCP 443 port.
Virtual Private Networks (VPNs) allow access to online resources that would otherwise require access to a public network over a private network. We will discuss the kind of ports that should be open for VPN depending on which connection type and what sort of VPN you are using.
What Is A VPN Port Number?
A port number shows what is used to identify a specific network message that is forwarded to the server in use. Depending on the type of service, the two common ports are UDP and TCP.
TCP (Transmission Control Protocol) Ports are more reliable since they establish a secure connection before sending the data.
UDP (User Datagram Protocol) Ports give a faster connection since it quickly sends data packets without establishing a connection.
How To Find The VPN Port?
Knowing your port number can be helpful for setting up firewalls and for giving an app some certain permissions. While the VPN is in use, you can use the command prompt to find the port your VPN is using.
Finding The Port Number On A Windows
For a windows device, run the command prompt as an admin. Run the following commands to see a list of port numbers:
- ipconfig
- netstat -a
Finding The Port Number On A Mac
On a Mac device, you have to first launch the System Preferences. Navigate to Network > Advanced. From there, click the Port Scan tab and enter the IP address you want to scan.
What Port Does A VPN Use?
A VPN may use a variety of ports depending on the type of connection it uses. So it is important to know what type of connection your VPN uses in order to find out which ports the VPN should have access through.
Open VPN
Open VPN can use the TCP or UDP protocols on ports 1194. Besides, the IPVanish software requires TCP port 443 for the network traffic.
Secure Socket Tunneling Protocol (SSTP)
Also known as Secure Sockets Layer (SSL), this type of connection requires TCP port 443. This VPN type uses a private key which encrypts data transferred over the SSTP connection. It may also use other secure ports, which are the 465 Secure SMTP, 993 Secure IMAP, and 995 Secure POP.
Point-to-Point Tunneling Protocol (PPTP)
VPNs on PPTP protocol use TCP port 1723 or the IP protocol 47 Generic Routing Encapsulation (GRE). The benefit of PPTP is that it offers a low-cost private connection. It is mostly useful for those who work from home or travel a lot while needing to use their corporate networks. This VPN connection also gives access to a Microsoft Remote Access Server (RAS).
Internet Protocol Security (IPSec)
VPNs on the IPSec connection changes ports depending on some specific factors:
- IP protocol 50 is used for Encapsulated Security Protocol (ESP)
- IP protocol 51 is needed for Authentication Header (AH)
- For IKE Phase 1 and Phase 2 negotiations, UDP port 500 is used
- UDP ports 500 and 4500 are used when NAT-T is used for IKE Phase 1 and Phase 2 negotiations
Layer Two Tunneling Protocol (L2TP)
For L2TP, VPN ports used are the UDP port 1701. LT2P is an extension of the PPTP and is mostly used with IPSec for establishing a Virtual Private Network (VPN).
Which Port Does My VPN Use?
In case you are not aware how to check your network ports in order to establish a VPN connection, I have made a list of the ports the few most popular VPN providers use.
ExpressVPN
An ExpressVPN connection will automatically connect to an Open VPN through a UDP 1194 port. UDP gives you a much faster internet speed. However, for an unsafe public network, ExpressVPN allows you to change the port to a TCP 1194.
NordVPN
NordVPN lets you connect through OpenVPN over both the TCP 443 and UDP 1194 ports. It is important to note that an open UDP port 53 can corrupt the VPN connection.
SurfShark VPN
TCP Port 443 is used on a SurfShark VPN. While some other VPNs allow you to change the ports, this VPN provider restricts any port forwarding with the users’ security in mind.
Common VPN Ports
In case you are not aware of which specific port your VPN uses, you can keep some ports open on the firewall in order to let the VPN traffic flow. I have listed the most common VPN connection types along with their relevant ports and protocols:
VPN Connection | Protocol | Port |
Open VPN | UDP | 1194 |
TCP | 1194 | |
SSTP | TCP | 443 |
PPTP | TCP | 1723 |
GRE (Proto 47) | N/A | |
L2TP | UDP | 1701 |
L2TP with IPSec | UDP | 1701 |
UDP | 500 | |
UDP | 4500 | |
IPSec | UDP | 500 |
UDP | 4500 | |
ESP (Proto 50) | N/A | |
AH (Proto 51) | N/A | |
IKEv2 | UDP | 500 |
UDP | 4500 |
Unsafe VPN Ports
While the VPN ports we talked about so far are important for VPN access, some ports can be a risk to the network. These ports can be vulnerable to attacks and thus unsafe to use.
If you are allowing your VPN to use specific ports, it is important to avoid the following:
- TCP Port 21
- TCP Port 23
- TCP Port 80
- TCP/UDP Port 53
- TCP Port 1080
- TCP Port 4444
Knowing which port your VPN uses gives an easy solution to any network problems you may run into. Ensuring the required port is open and the unsafe ones are closed, is thus, important for the VPN traffic to flow abruptly.