https://community.checkpoint.com/t5/General-Topics/IKED-port-30500-and-34500/m-p/241182#M40246 <P>The kernel module is redirecting the traffic to the “listening” port, which is useful with multithreaded iked.</P> Fri, 14 Feb 2025 04:23:56 GMT PhoneBoy 2025-02-14T04:23:56Z https://community.checkpoint.com/t5/General-Topics/IKED-port-30500-and-34500/m-p/241005#M40209 <P>Hello,</P> <P>can someone please explain the ports for IKED in R81.20 and R82?</P> <P>&nbsp;</P> <P>From R82 Site-Site admin guide</P> <P>The IKE daemon "iked"<BR />Introduced in the R81.10 version.<BR />Listens on these ports on a Security Gateway:<BR /><STRONG>IKE: 30500 - 30563 (UDP)</STRONG><BR /><STRONG>IKE NAT-T: 34500 - 34563 (UDP)</STRONG><BR />Tunnel Test: 48234 - 48297 (UDP)<BR />Check Point RDP: 30259 - 30322 (UDP)<BR />L2TP: 31701 - 31764 (UDP)</P> <P>From R82 GW, but its also the same for R81.20</P> <P>[Expert@chkp-demo-gw-2:0]# netstat -tulnp | grep iked<BR />tcp 0 0 127.0.0.1:9994 0.0.0.0:* LISTEN 6907/iked<BR />udp 0 0 0.0.0.0:30259 0.0.0.0:* 6907/iked<BR />udp 0 0 0.0.0.0:<STRONG>30500</STRONG> 0.0.0.0:* 6907/iked<BR />udp 0 0 192.168.7.12:31701 0.0.0.0:* 6907/iked<BR />udp 0 0 192.168.7.12:48234 0.0.0.0:* 6907/iked<BR />udp 0 0 0.0.0.0:<STRONG>34500</STRONG> 0.0.0.0:* 6907/iked</P> <P>&nbsp;</P> <P>and my question is, where is IKE UDP 500 and NAT-T UDP 4500. On R81.20 or R82, I cannot find it for IKED and VPND</P> <P>the same statement is here -&nbsp;<SPAN>sk180488</SPAN></P> <P>&nbsp;</P> <P><SPAN>On maestro R81.20 its different</SPAN></P> <P><SPAN>[Expert@XXX-ch01-03:2]# netstat -tulnp | grep 500<BR />udp 0 0 0.0.0.0:500 0.0.0.0:* 12698/vpnd<BR />udp 0 0 0.0.0.0:4500 0.0.0.0:* 12698/vpnd<BR /></SPAN></P> <P><SPAN>all three mentioned GWs are doing active RA or S2S so it should listening on udp 500/4500 so I am confused by admin guide and the&nbsp;sk180488</SPAN></P> <P>&nbsp;</P> <P>&nbsp;</P> Wed, 12 Feb 2025 10:17:02 GMT https://community.checkpoint.com/t5/General-Topics/IKED-port-30500-and-34500/m-p/241005#M40209 Martin_Raska 2025-02-12T10:17:02Z https://community.checkpoint.com/t5/General-Topics/IKED-port-30500-and-34500/m-p/241142#M40235 <P>I have the same question, I am connected to the CLI of an R81.20 vpn gateway through remote access client (Endpoint Security VPN on macOS), but I can not find udp port 4500 from its "<STRONG>netstat -anp</STRONG>" output, although pcap on my laptop tells me I am using NAT-T (4500). It's very weird. Hope someone can answer this.<span class="lia-unicode-emoji" title=":thinking_face:">🤔</span></P><LI-CODE lang="markup">[Expert@MTSH:0]# netstat -anp | grep iked tcp 0 0 127.0.0.1:9994 0.0.0.0:* LISTEN 21664/iked tcp 0 0 127.0.0.1:60942 127.0.0.1:1024 ESTABLISHED 21664/iked tcp 0 0 127.0.0.1:60930 127.0.0.1:1024 ESTABLISHED 21664/iked tcp 0 0 127.0.0.1:60996 127.0.0.1:1024 ESTABLISHED 21664/iked tcp 0 0 127.0.0.1:60936 127.0.0.1:1024 ESTABLISHED 21665/iked tcp 0 0 127.0.0.1:42239 127.0.0.1:8989 ESTABLISHED 21665/iked tcp 0 0 127.0.0.1:61150 127.0.0.1:1024 ESTABLISHED 21665/iked tcp 0 0 127.0.0.1:50655 127.0.0.1:8989 ESTABLISHED 21664/iked tcp 0 0 127.0.0.1:60928 127.0.0.1:1024 ESTABLISHED 21665/iked udp 0 0 0.0.0.0:30259 0.0.0.0:* 21664/iked udp 0 0 0.0.0.0:30260 0.0.0.0:* 21665/iked udp 0 0 0.0.0.0:34500 0.0.0.0:* 21664/iked udp 0 0 0.0.0.0:34501 0.0.0.0:* 21665/iked udp 0 0 0.0.0.0:30500 0.0.0.0:* 21664/iked udp 0 0 0.0.0.0:30501 0.0.0.0:* 21665/iked udp 0 0 61.169.179.146:31701 0.0.0.0:* 21664/iked udp 0 0 61.169.179.146:31702 0.0.0.0:* 21665/iked udp 0 0 61.169.179.146:48234 0.0.0.0:* 21664/iked udp 0 0 61.169.179.146:48235 0.0.0.0:* 21665/iked unix 3 [ ] STREAM CONNECTED 44650 21664/iked unix 3 [ ] STREAM CONNECTED 44649 21664/iked unix 3 [ ] STREAM CONNECTED 45689 21664/iked unix 3 [ ] STREAM CONNECTED 45691 21665/iked unix 3 [ ] STREAM CONNECTED 44634 21665/iked unix 3 [ ] STREAM CONNECTED 44633 21665/iked</LI-CODE><P>&nbsp;&nbsp;</P> Thu, 13 Feb 2025 16:59:49 GMT https://community.checkpoint.com/t5/General-Topics/IKED-port-30500-and-34500/m-p/241142#M40235 QixingCao_MTech 2025-02-13T16:59:49Z https://community.checkpoint.com/t5/General-Topics/IKED-port-30500-and-34500/m-p/241182#M40246 <P>The kernel module is redirecting the traffic to the “listening” port, which is useful with multithreaded iked.</P> Fri, 14 Feb 2025 04:23:56 GMT https://community.checkpoint.com/t5/General-Topics/IKED-port-30500-and-34500/m-p/241182#M40246 PhoneBoy 2025-02-14T04:23:56Z https://community.checkpoint.com/t5/General-Topics/IKED-port-30500-and-34500/m-p/241216#M40249 <P>From my R82 lab.</P> <P>Andy</P> <P>&nbsp;</P> <P>[Expert@R82:0]# netstat -anp | grep iked<BR />tcp 0 0 127.0.0.1:9994 0.0.0.0:* LISTEN 16951/iked<BR />tcp 0 0 127.0.0.1:39942 127.0.0.1:1024 ESTABLISHED 16951/iked<BR />tcp 0 0 127.0.0.1:39958 127.0.0.1:1024 ESTABLISHED 16955/iked<BR />tcp 0 0 127.0.0.1:63912 127.0.0.1:1024 ESTABLISHED 16953/iked<BR />tcp 0 0 127.0.0.1:34860 127.0.0.1:1024 ESTABLISHED 16955/iked<BR />tcp 0 0 127.0.0.1:53162 127.0.0.1:1024 ESTABLISHED 16951/iked<BR />tcp 0 0 127.0.0.1:39944 127.0.0.1:1024 ESTABLISHED 16953/iked<BR />tcp 0 0 127.0.0.1:49879 127.0.0.1:8989 ESTABLISHED 16955/iked<BR />tcp 0 0 127.0.0.1:61533 127.0.0.1:8989 ESTABLISHED 16951/iked<BR />tcp 0 0 127.0.0.1:39902 127.0.0.1:1024 ESTABLISHED 16953/iked<BR />tcp 0 0 127.0.0.1:39888 127.0.0.1:1024 ESTABLISHED 16951/iked<BR />tcp 0 0 127.0.0.1:39908 127.0.0.1:1024 ESTABLISHED 16955/iked<BR />tcp 0 0 127.0.0.1:35389 127.0.0.1:8989 ESTABLISHED 16953/iked<BR />udp 0 0 0.0.0.0:34500 0.0.0.0:* 16951/iked<BR />udp 0 0 0.0.0.0:34501 0.0.0.0:* 16953/iked<BR />udp 0 0 0.0.0.0:34502 0.0.0.0:* 16955/iked<BR />udp 0 0 0.0.0.0:38416 0.0.0.0:* 16951/iked<BR />udp 0 0 0.0.0.0:58319 0.0.0.0:* 16953/iked<BR />udp 0 0 0.0.0.0:62997 0.0.0.0:* 16955/iked<BR />udp 0 0 0.0.0.0:30259 0.0.0.0:* 16951/iked<BR />udp 0 0 0.0.0.0:30260 0.0.0.0:* 16953/iked<BR />udp 0 0 0.0.0.0:30261 0.0.0.0:* 16955/iked<BR />udp 0 0 0.0.0.0:30500 0.0.0.0:* 16951/iked<BR />udp 0 0 0.0.0.0:30501 0.0.0.0:* 16953/iked<BR />udp 0 0 0.0.0.0:30502 0.0.0.0:* 16955/iked<BR />udp 0 0 172.16.10.253:31701 0.0.0.0:* 16951/iked<BR />udp 0 0 172.16.10.253:31702 0.0.0.0:* 16953/iked<BR />udp 0 0 172.16.10.253:31703 0.0.0.0:* 16955/iked<BR />udp 0 0 172.16.10.253:48234 0.0.0.0:* 16951/iked<BR />udp 0 0 172.16.10.253:48235 0.0.0.0:* 16953/iked<BR />udp 0 0 172.16.10.253:48236 0.0.0.0:* 16955/iked<BR />unix 3 [ ] STREAM CONNECTED 62474 16955/iked<BR />unix 3 [ ] STREAM CONNECTED 62473 16955/iked<BR />unix 3 [ ] STREAM CONNECTED 50156 16951/iked<BR />unix 3 [ ] STREAM CONNECTED 58444 16953/iked<BR />unix 3 [ ] STREAM CONNECTED 57024 16953/iked<BR />unix 3 [ ] STREAM CONNECTED 50157 16951/iked<BR />unix 3 [ ] STREAM CONNECTED 57027 16955/iked<BR />unix 3 [ ] STREAM CONNECTED 57021 16951/iked<BR />unix 3 [ ] STREAM CONNECTED 58443 16953/iked<BR />[Expert@R82:0]#</P> Fri, 14 Feb 2025 15:11:44 GMT https://community.checkpoint.com/t5/General-Topics/IKED-port-30500-and-34500/m-p/241216#M40249 the_rock 2025-02-14T15:11:44Z https://community.checkpoint.com/t5/General-Topics/IKED-port-30500-and-34500/m-p/262393#M44372 <P>Please see this new SK article:&nbsp;<A href="https://support.checkpoint.com/results/sk/sk184307" target="_blank" rel="noopener"><SPAN>sk184307: VPN User-space Multi-Process Architecture in R81.20 and higher</SPAN></A></P> Mon, 10 Nov 2025 23:14:08 GMT https://community.checkpoint.com/t5/General-Topics/IKED-port-30500-and-34500/m-p/262393#M44372 Timothy_Hall 2025-11-10T23:14:08Z