Which ports do you need to open on a firewall to allow PPTP and L2TP over IPSec VPN tunnels?

A. To enable VPN tunnels between individual host computers or entire networks that have a firewall between them, you must open the following ports:

PPTP

• To allow PPTP tunnel maintenance traffic, open TCP 1723.
• To allow PPTP tunneled data to pass through router, open Protocol ID 47.

L2TP over IPSec

• To allow Internet Key Exchange (IKE), open UDP 500.
• To allow IPSec Network Address Translation (NAT-T) open UDP 5500.
• To allow L2TP traffic, open UDP 1701.