generally you allow UDP/4500 to get through which is NAT-T that encapsulates both IKE and ESP traffic within UDP with port 4500 used as both the source and destination port.
------------------------------
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
------------------------------
Original Message:
Sent: Oct 30, 2025 04:52 AM
From: a.campbell
Subject: MicroBranch - VPNC Firewall Configuration
Hi all,
I will implementing a 503H as a remote MicroBranch for a customer that already has a VPNC at the HQ.
My question is:
The VPNC is behind a firewall at their HQ and the intention for the 503H is to hop from site to site with a routed L3 connection to their corporate networks. How would I go about configuring the firewall at the HQ to allow for the 503H that would be hoping from different sites with various internet connections and WAN addresses?
-------------------------------------------