HPE6-A71 Exam - Question 11


An administrator supports a group of employees who connect to the corporate office using the VIA client. An Aruba Mobility Controller (MC), behind a corporate firewall, terminates the users' VPN sessions. The VPN sessions fail to establish because of the existing firewall rules.

Which connections must the administrator allow on the firewall? (Choose three.)

Correct Answer: ADE

To establish VPN sessions using the Aruba VIA client, the firewall must allow three specific connections. TCP 443 is necessary for the initial reachability and trusted network check. UDP 500 is required for ISAKMP (Internet Security Association and Key Management Protocol), which is used in the initial stages of setting up a secure VPN connection. UDP 4500 is needed for NAT-T (Network Address Translation Traversal), which allows IPsec VPNs to function correctly when NAT is present. These three ports (TCP 443, UDP 500, and UDP 4500) are essential for the proper functioning of VIA client VPN sessions.

Discussion

tdkr147 (Options: ADE)
Aug 18, 2022

The following ports are used with Aruba VIA. For the reachability/trusted network check, use port 443. For the IPsec connection, use port 4500. To allow ISAKMP, use port 500. To enable NAT-T, use port 4500. https://www.arubanetworks.com/techdocs/ArubaOS_85_Web_Help/Content/arubaos-solutions/external-firewallconf/port-for-via.htm