Dear guru, I'm pretty new to NS, we have configured the Lan-to-lan VPN as per the instruction in the manual, however, the tunnel failed and inactive by "get sa". Wondering it would be blocked by the ISP-router, we have asked our ISP to open the "VPN" ports. we are using g2-esp-3des-sha for P2 and Pre-g2-3des-sha for P1.
What ports are required on my router to allow such connection. udp/500 for ipsec?