topic Re: IPSEC through a Cisco FTD in Network Security https://community.cisco.com/t5/network-security/ipsec-through-a-cisco-ftd/m-p/3674895#M132822 <P>You can create a rule under Access-Control Policy to allow ESP by choosing ESP(50) under the destination port. Picture attached:</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="esp-ftd.PNG" style="width: 999px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/15366iA38511A21DDE7C2C/image-size/large?v=v2&amp;px=999" role="button" title="esp-ftd.PNG" alt="esp-ftd.PNG" /></span>This translates to the following rule on the CLI</P> <PRE>access-list CSM_FW_ACL_ line 22 advanced permit <STRONG>esp</STRONG> ifc inside any any rule-id 268440576</PRE> <P>&nbsp;</P> Wed, 25 Jul 2018 23:47:34 GMT Rahul Govindan 2018-07-25T23:47:34Z IPSEC through a Cisco FTD https://community.cisco.com/t5/network-security/ipsec-through-a-cisco-ftd/m-p/3674843#M132821 <P>I need to create a rule to allow IPsec/ISAKMP traffic trough a FTD 2100. The rule for the ISAKMP is pretty straight forward, allow udp 500 and/or 4500. But how do you define the rule to allow protocol esp?</P> Tue, 12 Mar 2019 11:07:07 GMT https://community.cisco.com/t5/network-security/ipsec-through-a-cisco-ftd/m-p/3674843#M132821 gamoore 2019-03-12T11:07:07Z Re: IPSEC through a Cisco FTD https://community.cisco.com/t5/network-security/ipsec-through-a-cisco-ftd/m-p/3674895#M132822 <P>You can create a rule under Access-Control Policy to allow ESP by choosing ESP(50) under the destination port. Picture attached:</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="esp-ftd.PNG" style="width: 999px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/15366iA38511A21DDE7C2C/image-size/large?v=v2&amp;px=999" role="button" title="esp-ftd.PNG" alt="esp-ftd.PNG" /></span>This translates to the following rule on the CLI</P> <PRE>access-list CSM_FW_ACL_ line 22 advanced permit <STRONG>esp</STRONG> ifc inside any any rule-id 268440576</PRE> <P>&nbsp;</P> Wed, 25 Jul 2018 23:47:34 GMT https://community.cisco.com/t5/network-security/ipsec-through-a-cisco-ftd/m-p/3674895#M132822 Rahul Govindan 2018-07-25T23:47:34Z