Is there a logical reason why Amazon EC2 won't allow me to specify a port when using GRE?

Question

I want to set up PPTP in EC2 and am configuring a security group. I've already selected the "custom protocol" and am using protocol 47 / GRE. When I select this, the port section is read only.

Is there any intuitive reason that I shouldn't filter use port 1723 when a custom protocol is used?

Does it matter if I leave the other ports open (when protocol is GRE)?

Thanks @MichaelHampton ... Are TCP/UDP the only ones that have ports? No matter what I type in the "custom protocol" section, the "ports" section is uneditable — makerofthings7, Jun 16 '14 at 14:39

score 2 · Answer 1 · edited Oct 07 '21 at 06:58

2

Do not get port 47 confused with protocol 47. Opening port 47 on your firewall is not the same as allowing protocol 47 (GRE).

A PPTP tunnel is instantiated by communication to the peer on TCP port 1723. This TCP connection is then used to initiate and manage a second GRE tunnel to the same peer, so you need both opened.

Also, do not use PPTP.

edited Oct 07 '21 at 06:58

Community

1

answered Jun 16 '14 at 12:31

Dusan Bajic

2,046
1
17
20

I corrected the typo.. I wrote port 47 when I meant protocol. – makerofthings7 Jun 16 '14 at 13:37
your question is little unclear now – Dusan Bajic Jun 16 '14 at 13:59

Is there a logical reason why Amazon EC2 won't allow me to specify a port when using GRE?

1 Answers1