A. To enable VPN tunnels between individual host computers or entire networks that have a firewall between them, you must open the following ports:

PPTP

  • To allow PPTP tunnel maintenance traffic, open TCP 1723.
  • To allow PPTP tunneled data to pass through router, open Protocol ID 47.

L2TP over IPSec

  • To allow Internet Key Exchange (IKE), open UDP 500.
  • To allow IPSec Network Address Translation (NAT-T) open UDP 5500.
  • To allow L2TP traffic, open UDP 1701.

Learn more: Enabling a Windows Firewall Exception for Port 445