[nsp] Access-list question
Hudson Delbert J Contr 61 CS/SCBN
Delbert.Hudson at LOSANGELES.AF.MIL
Mon Oct 27 15:08:26 EST 2003
kevin,
Actually, it's protocol 50, not port 50.
The list should look like this....
access-list 131 permit gre any any ! PROTOCOL=47 (IPSEC)
access-list 131 permit udp any any eq isakmp ! PROTOCOL=17 (UDP/PORT 500)
access-list 131 permit esp any any ! PROTOCOL=50 (ESP)
rmail is udp port 50 for RFC 1339 - Remote Mail Checking Protocol
THIS IS TO TALK WITH MAIL DROP SERVERS.
HOPE THIS IS HELPFUL.
~v/r
Del Hudson
61CS/SCBN - LAAFB NCC
Network Architecture & Engineering Group
delbert.hudson at losangeles.af.mil
-----Original Message-----
From: Kevin [mailto:kevin at honeycomb.net]
Sent: Monday, October 27, 2003 11:51 AM
To: cisco-nsp at puck.nether.net
Subject: [nsp] Access-list question
Does anyone know how to allow IPsec through an access list?
I know ipsec uses port 500 UDP and port 50 IP?
Would it be?:
access-list 131 permit udp any any eq 500
access-list 131 permit tcp any any eq 50
access-list 131 permit udp any any eq 50
Kevin,
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
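
An added example (not part of the original thread): a small Python model of first-match ACL evaluation, showing why the port-based entries in the question never match ESP traffic while the `esp` entry in the reply does. The packets, addresses and helper names are constructed for illustration, and the parser handles only the `any any [eq PORT]` form used in the thread.

```python
import struct

# IANA protocol numbers / port name for the keywords used in the ACL lines above.
PROTO = {"tcp": 6, "udp": 17, "gre": 47, "esp": 50}
PORT_NAMES = {"isakmp": 500}

def parse_ace(line):
    """Parse 'access-list N permit|deny PROTO any any [eq PORT]' (the only form in this thread)."""
    tok = line.split()
    port = None
    if len(tok) > 6 and tok[6] == "eq":
        port = PORT_NAMES[tok[7]] if tok[7] in PORT_NAMES else int(tok[7])
    return tok[2], PROTO[tok[3]], port

def classify(packet):
    """Return (IP protocol number, destination port or None) for a raw IPv4 packet."""
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes
    proto = packet[9]                      # protocol field of the IPv4 header
    dport = None
    if proto in (6, 17):                   # only TCP and UDP carry port numbers
        dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
    return proto, dport

def acl_permits(acl_lines, packet):
    """First matching entry wins; no match means the implicit deny at the end of the list."""
    proto, dport = classify(packet)
    for line in acl_lines:
        action, ace_proto, ace_port = parse_ace(line)
        if ace_proto == proto and ace_port in (None, dport):
            return action == "permit"
    return False

def ipv4(proto, payload):
    """Constructed sample packet: 20-byte IPv4 header (checksum left at 0) plus payload."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1])) + payload

QUESTION_ACL = ["access-list 131 permit udp any any eq 500",
                "access-list 131 permit tcp any any eq 50",
                "access-list 131 permit udp any any eq 50"]
REPLY_ACL = ["access-list 131 permit gre any any",
             "access-list 131 permit udp any any eq isakmp",
             "access-list 131 permit esp any any"]

# Constructed ESP packet: SPI 0x12340032 puts the value 50 where a UDP/TCP
# destination port would sit, yet no port-based entry can match protocol 50.
ESP_PKT = ipv4(50, struct.pack("!II", 0x12340032, 1) + bytes(16))
IKE_PKT = ipv4(17, struct.pack("!HHHH", 500, 500, 8 + 28, 0) + bytes(28))
```

Both lists pass the UDP/500 key exchange, but only the list from the reply passes the ESP packet; under the list from the question it falls through to the implicit deny.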