If you are using a normal VPN provider, you won’t often need to worry much about ports. However, if you set up your own VPN connection and firewall, the ports you use are important. That is because it is based on the protocol you choose when you initiate the connection. Because each one uses a different number, you’ll need to enter the rules’ exceptions to allow them to work together. Let’s take a look at the port numbers, the protocols, and how you would use them. Keep in mind that not all of these are VPN protocols and are good to use in all situations. We recommend using OpenVPN, WireGuard, or IKEv2 for a a good blend of privacy protection and fast performance.
VPN Port Numbers
VPN Protocol | VPN Port Number | Notes |
---|---|---|
OpenVPN (TCP) | 443 | Standard OpenVPN connection. OpenVPN shares this port with HTTPS traffic so you have a better chance of getting around firewall restrictions. |
OpenVPN (UDP) | 1194 | Standard OpenVPN connection, may be blocked by organizations or ISPs |
WireGuard (UDP) | 51820 | Incoming connections for the WireGuard protocol |
IKEv2 (UDP) | 500, 4500 | IKEv2 control path |
IKEv2 (ESP) | 50 | IKEv2 data path |
L2TP (UDP) | 500, 4500 | IPSec control path |
L2TP (ESP) | 50 | IPSec data path |
PPTP (TCP) | 1723 | PPTP control path |
PPTP (GRE) | 47 | PPTP data path |
SSTP (Windows) | 443 | |
SSH Tunnel (TCP) | 22 | |
SOCKS proxy (TCP) | 1080 | |
Sophos SSL (Cyberoam) | 8443 | SSL VPNUser Portal |
Cisco IPSec | 1293 | |
SoftEther | 443, 992, 5555 |
Here are some additional non-VPN port numbers that can be helpful to know:
- 443 – TLS/SSL, HTTPS
- 53 – DNS
- 22 – SSH Tunnel (TCP)
- 25 – SMTP (TCP/UDP) – SMTP server connections (Simple Mail Transfer Protocol)
- 80 – HTTP (TCP/UDP)
How Port Blocking Differs from Firewalls
Port blocking is an active attempt by the organization to stop VPN usage. They do that by blocking the most common VPN port, 1194. That is the port for OpenVPN UDP as you see above. Organizations, governments, and schools, take this step to try to stop users from connecting to VPNs. Since the port is blocked, you wouldn’t be able to connect to that VPN server. Luckily, several VPN providers have other protocols that you can still use, and some allow you to run OpenVPN (UDP) over a different port number. We suggest using port 443 in this case since it’s used for SSL encryption throughout the web. Blocking this port would make most website inaccessible.
Firewalls are a form of DNS filtering. Instead of blocking ports, they can block entire categories of content. Whether it is gaming, gambling, adult content, or others, getting past government or organizational firewalls can be difficult unless you connect to a VPN. Again, you can switch ports if the organization or government additionally blocks ports as well.