
HPE6-A71 Exam - Question 46


A VIA client tries to initially connect to a corporate office controller through an intermediate firewall. However, the VPN connection fails. The administrator examines the firewall rules and determines that rules for UDP 4500 and UDP 500 are configured.

Which additional protocol must be allowed in the firewall rules to resolve this connection failure?

Correct Answer: C

Besides UDP 4500 and UDP 500, which are configured for IPsec and ISAKMP respectively, a VPN connection also needs the ESP (Encapsulating Security Payload) protocol. ESP provides encryption and integrity protection for the data being transmitted. If the firewall does not allow this protocol, the VPN connection can fail. Therefore, the additional protocol that must be allowed in the firewall rules to resolve this connection failure is ESP.
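The scenario from the question as an added example (not from the exam material or from Aruba documentation): a small first-match rule evaluator run over a constructed rule list shows that permitting UDP 500 and UDP 4500 still leaves ESP denied, because ESP is IP protocol 50 and has no port number for a port rule to match. The rule format, first-match ordering and implicit deny are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# IANA IP protocol numbers; ESP is its own protocol, not a UDP/TCP port.
IP_PROTO = {"tcp": 6, "udp": 17, "esp": 50}

@dataclass(frozen=True)
class Rule:                      # hypothetical rule format for this example
    action: str                  # "permit" or "deny"
    proto: str                   # key of IP_PROTO, or "any"
    dport: Optional[int] = None  # None = no port constraint

@dataclass(frozen=True)
class Flow:
    name: str
    proto: str
    dport: Optional[int] = None  # None for protocols without ports (ESP)

# The three flows named in the explanation above.
IPSEC_FLOWS = [
    Flow("ISAKMP (UDP 500)", "udp", 500),
    Flow("IPsec (UDP 4500)", "udp", 4500),
    Flow("ESP (IP protocol 50)", "esp"),
]

def matches(rule: Rule, flow: Flow) -> bool:
    if rule.proto != "any" and IP_PROTO[rule.proto] != IP_PROTO[flow.proto]:
        return False
    # A rule that names a port can never match ESP, which carries no port.
    return rule.dport is None or rule.dport == flow.dport

def permitted(rules, flow: Flow) -> bool:
    for rule in rules:           # assumed first-match semantics
        if matches(rule, flow):
            return rule.action == "permit"
    return False                 # assumed implicit deny at the end

def blocked_flows(rules, flows=IPSEC_FLOWS):
    return [f.name for f in flows if not permitted(rules, f)]

# Constructed rule sets: the firewall as described, then with ESP added.
SCENARIO = [Rule("permit", "udp", 500), Rule("permit", "udp", 4500)]
FIXED = SCENARIO + [Rule("permit", "esp")]

if __name__ == "__main__":
    print("blocked before:", blocked_flows(SCENARIO))
    print("blocked after: ", blocked_flows(FIXED))
```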

Discussion

1 comment
tdkr147 (Option: D)
Aug 18, 2022

https://www.arubanetworks.com/techdocs/ArubaOS_85_Web_Help/Content/arubaos-solutions/external-firewallconf/port-for-via.htm

The following ports are used with Aruba VIA:
- For the reachability/trusted network check, use port 443.
- For the IPsec connection, use port 4500.
- To allow ISAKMP, use port 500.
- To enable NAT-T, use port 4500.