KB21762 - How to change the default ESP port number (UDP 4500)?

This article provides information on how to change the default ESP port number.

In certain networks, there could be a requirement to change the ESP port 4500 to a custom defined port. This article describes:

• How to make sure the ESP port uses a custom defined port (instead of default port)?
• What are the other parameters that need to be considered?

 

To change the default port to a custom defined port, navigate to  User > Resource Policies > Connection Profiles > (Select the profile) > Connection setting




Note: For Network Connect to communicate, the following ports MUST be open:

In the client:
 

• UDP port 4242 on loopback address

Between the Client and the Pulse Connect Secure device:
 

• TCP port 443
• If using ESP mode, the UDP port configured on the SSL VPN ( default is UDP 4500).

The VPN Tunneling option provides secure SSL-based network-level remote access to all enterprise application resources, using the Pulse Connect Secure over port 443.

Port 4242 is used for IPC communication between the Network Connect service and the Network Connect executable on the client PC. Typically, endpoint products do not block this type of IPC communication. However, if you have an endpoint product that does block this communication, you must allow it for Network Connect to work properly.