University of California, Riverside

Virtual Private Networking



Connect to VPN Client Through a Firewall


Have a Firewall?

If you have a firewall installed on your router or your computer you may need to configure your firewall to allow VPN traffic.

Router Firewall:

If you use a router there are three possible options for using the VPN:

  • Enable VPN Pass-Through for IPSec.This is the preferred method.
    Instructions for enabling VPN Pass-Through will vary depending upon your router, so you will need to refer to your router's instruction manual.
  • Set the DMZ option for your computer.
    You should try this option if you cannot enable VPN Pass-Through. You will need to know your computer's IP and specify that IP in the DMZ field when the option is enabled. Instructions for enabling DMZ will vary depending upon your router, so you will need to refer to your router's instruction manual.
  • Bypass the router.
    If neither the VPN Pass-Through nor DMZ options are available or work, you can bypass the router by connecting your computer directly to your cable/DSL modem.

Software Firewall:

If you use a software firewall, such as the one built into your operating system or a third-party program such as Norton Personal Firewall, you can configure your firewall to permit VPN traffic.

To connect to the VPN without turning off your firewall you should try each of the following until you are able to successfully connect:

Windows Firewall (Windows XP):
  1. Open UDP Port 62515 in your firewall. Download and run this file to do this automatically for you.
  2. Open TCP Port 10000 and UDP 4500 in your firewall. Download and run this file to do this automatically for you.
  3. Add Cisco VPN IPSecDialer and VPNGUI to the firewall exception list. Download and run this file to do this automatically for you.
Windows Firewall (Windows Vista):
  1. Open UDP Port 62515 in your firewall. Download and run this file to do this automatically for you.
  2. Open TCP Port 10000 and UDP 4500 in your firewall. Download and run this file to do this automatically for you.
  3. Add Cisco VPN IPSecDialer and VPNGUI to the firewall exception list. Download and run this file to do this automatically for you.

Third Party Firewalls (ZoneAlarm, Norton Security):

Consult your firewall documentation on how to open ports and add application exceptions. You will need the following ports and exceptions set:

  1. Open UDP Port 62515 in your firewall.
  2. Open TCP Port 10000 and UDP 4500 in your firewall.
  3. Add Cisco VPN IPSecDialer and VPNGUI to the firewall exception list. The path to the files are:
    • C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe
    • C:\Program Files\Cisco Systems\VPN Client\vpngui.exe

More Information 

General Campus Information

University of California, Riverside
900 University Ave.
Riverside, CA 92521
Tel: (951) 827-1012

Department Information

Computing Support Services
Computing & Communications Bldg.

Tel: (951) 827-3555
Fax: (951) 827-4541
helpdesk@ucr.edu (Faculty & Staff)
helpdesk@student.ucr.edu (Students)

Footer