This example show configuring DTLS for AnyConnect and it does use port 443. But it is possible to specify a different port. So basically the ports you need to open will reflect choices that you make in configuring AnyConnect. And let me also make the point that DTLS is not a requirement. It is an optional feature (and in my opinion very
Dec 01, 2016 Common Application Ports - Bandwidth Controller This table lists the ports used by some of the more popular applications. The first column shows the name of the application's protocol. The next column lists each port used by the product, including any port ranges. The third column shows which protocol the ports refer to (TCP, UDP or both). Port 443 in use - Windows Server - Spiceworks
HTTPS - Wikipedia
In the case of https, whereas the default port used for standard non-secured "http" is port 80, Netscape chose 443 to be the default port used by secure http. (They chose port 443 because it was not being used for any other purpose at the time.) Observing SSL Certificates in Action:
How do I check if a port is in use on Linux? - nixCraft
tls - SSL protocol : Port 443 - Information Security Stack TLS can be negotiated over port 80 or port 443. Whichever port is used, will be used for the entire handshake. Unless your server is configured to negotiate TLS over port 80, most browsers will assume that port 443 should be used and will try that port first.