VPN server will use Internal port to source the egress traffic. Client can use the External port to connect to the VPN server, however, the traffic initiated by the client will be forwarded to the internal network using the Internal port. Client traffic >> Internet >> DMZ >> External port >> VPN >> Internal port >> Intranet/Intranet. Please allow the Internal port of the VPN server (resides at the DMZ) to communicate with the Internet/Intranet zones, so that, the VPN clients can connect to Internet.
... View more