What Ports are Required to be Forwarded for Full ASA Functionality When Behind a Firewall
Description of Issue
The ASA is behind a firewall and certain ports need to be forwarded to it for the VPN to be established and for management
Context
ASA
VPN
Port Forwarding
Networking
Munis
Cause
Resolution
Here is a list of the required ports
Required for VPN tunnel - Bi-directionalÂ
IP 50 ESP
UDP 4500 NAT-t
UDP 500 ISKAMP
Required for Management - Inbound
TCP - 443 HTTPS
TCP - 22 SSHÂ
Required for Upgrades - Outbound
UDP - 53 DNS
UDP - 123 NTP
Required for Monitoring
IP - 1 ICMP
UDP - 161 SNMP
Additional Information