[vpn-devel] Question about source ike port in windows

Lukas Macura macura at opf.slu.cz
Mon Aug 15 08:39:01 CDT 2011

Hi to all,

please, we have "problem" with our windows installation of VPN client.
Looking into source, it seems that config is loaded on unix machines and
I can specify:

socket ike 5000

in /etc/iked.conf

Unfortunately, I did not find the way, how windows vpn client searches
this in registry and cannot change it. It is problem because we have
more developers behing one nated IP. Due to the fact, that client binds
to port 500 and we have isakmp inspection on firewall, firewall tries to
leave port 500 untouched and kills latest connection when creating new.
So only last developer has chance to access VPN server.

Cisco VPN client worked fine because source port was dynamic.
Please, is it too big hack to use some dynamic (random) port instead of
hard driven "500" in windows?

Ps: please include my address in reply, I am not in list.

Thank  you very much,
Lukas Macura

More information about the vpn-devel mailing list