
Stack Overflow link I am following (last step of step 1 of the answer).

I have attempted to change the inbound/outbound security groups for my server, but ESP is not on the list of protocols. I tried to create a custom protocol, but when I try to connect via my client I get the same error message:

The remote connection was not made because the attempted VPN tunnels failed. The VPN server might be unreachable. If this connection is attempting to use an L2TP/IPsec tunnel, the security parameters required for IPsec negotiation might not be configured properly.

I have completed all the steps from the Stackfault answer, so I should be able to connect to my server; this is the only step I "skipped".


To make IPSec work through your firewalls, you should open UDP port 500 and permit IP protocol numbers 50 and 51 on both inbound and outbound firewall filters. UDP Port 500 should be opened to allow Internet Security Association and Key Management Protocol (ISAKMP) traffic to be forwarded through your firewalls. IP protocol ID 50 should be set to allow IPSec Encapsulating Security Protocol (ESP) traffic to be forwarded. Finally, IP protocol ID 51 should be set to allow Authentication Header (AH) traffic to be forwarded.

IPSEC Ports

[EDIT after comment]

  • Go to the AWS Management Console.

  • Select your EC2 instance.

  • Select the security group located in the "Description" tab in the bottom half of the window.

  • Click on the Inbound tab.

  • Click the Edit button, then the Add Rule button.

  • Enter rules for each protocol (TCP or UDP) and port.
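As an added example (not part of the original answer), the check below audits a security group's rule list for the three openings the answer names: UDP 500 for ISAKMP, IP protocol 50 for ESP and IP protocol 51 for AH. The rule dictionaries follow the shape of the `IpPermissions` list that `aws ec2 describe-security-groups` returns; the two sample rule sets are constructed here and assume a client address in the 203.0.113.0/24 documentation range. The first set reproduces the mistake described in the question, a "custom TCP" rule on port 50 standing in for ESP, which is TCP traffic to port 50 rather than IP protocol 50; the second set adds the protocol-number rules the answer asks for.

```python
"""Audit AWS security-group permissions for the IPsec openings an
L2TP/IPsec server needs: UDP 500 (ISAKMP), IP protocol 50 (ESP) and
IP protocol 51 (AH). Rule dicts mirror the IpPermissions entries from
`aws ec2 describe-security-groups`; all sample data below is constructed.
"""

# Required openings: label -> (IpProtocol as the API spells it, UDP/TCP port
# or None for a protocol-number rule that has no ports).
REQUIRED = {
    "ISAKMP (UDP 500)": ("udp", 500),
    "ESP (IP protocol 50)": ("50", None),
    "AH (IP protocol 51)": ("51", None),
}

CLIENT_CIDR = "203.0.113.10/32"  # constructed: the VPN client's address

# Constructed: what the question describes. UDP 500 is open, but "ESP" was
# entered as a custom TCP rule on ports 50-51, which is not IP protocol 50/51.
MISCONFIGURED = [
    {"IpProtocol": "udp", "FromPort": 500, "ToPort": 500,
     "IpRanges": [{"CidrIp": CLIENT_CIDR}]},
    {"IpProtocol": "tcp", "FromPort": 50, "ToPort": 51,
     "IpRanges": [{"CidrIp": CLIENT_CIDR}]},
]

# Constructed: the corrected group. Protocol-number rules carry no
# FromPort/ToPort keys in the API output, only the protocol number as text.
CORRECTED = MISCONFIGURED[:1] + [
    {"IpProtocol": "50", "IpRanges": [{"CidrIp": CLIENT_CIDR}]},
    {"IpProtocol": "51", "IpRanges": [{"CidrIp": CLIENT_CIDR}]},
]


def rule_covers(rule, proto, port):
    """Return True if a single IpPermissions entry permits proto/port."""
    ip_proto = str(rule.get("IpProtocol", "")).lower()
    if ip_proto == "-1":          # "All traffic" rule permits everything
        return True
    if ip_proto != proto.lower():
        return False
    if port is None:              # protocol-number rule: ports do not apply
        return True
    lo = rule.get("FromPort", -1)
    hi = rule.get("ToPort", -1)
    return (lo, hi) == (-1, -1) or lo <= port <= hi


def missing_ipsec_rules(permissions):
    """Return labels of required openings that no rule in `permissions` covers."""
    return [label for label, (proto, port) in REQUIRED.items()
            if not any(rule_covers(r, proto, port) for r in permissions)]


def open_to_world(permissions):
    """Return the protocols of rules that accept traffic from any IPv4 source.

    A VPN endpoint normally only needs these openings for its own clients,
    so a 0.0.0.0/0 source on them is worth flagging during the audit.
    """
    return [str(r.get("IpProtocol")) for r in permissions
            if any(ip.get("CidrIp") == "0.0.0.0/0" for ip in r.get("IpRanges", []))]


if __name__ == "__main__":
    for name, perms in (("misconfigured", MISCONFIGURED), ("corrected", CORRECTED)):
        gaps = missing_ipsec_rules(perms)
        print(f"{name}: {'OK' if not gaps else 'missing ' + ', '.join(gaps)}")
        if open_to_world(perms):
            print(f"  rules open to 0.0.0.0/0: {open_to_world(perms)}")
```

Running the script reports the first group as missing ESP and AH and the second as complete. The same functions can be pointed at a real group by loading the `IpPermissions` array from `aws ec2 describe-security-groups --group-ids <sg-id>` output with `json.load`.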

John Hanley