01-21-2010 08:27 AM - edited 03-11-2019 09:59 AM
hello,
i was configuring an access-list on a FWSM and came across an option which i think might help me reduce the number of access-list statements.
access-list xxxxx extended permit ipsec a.a.a.a a.a.a.a
could some one tell me if the ipsec option in the access-list dynamically allow all the ports associated with ipsec connection like ESP, udp 500 or udp 4500 ?
if not than what will it allow.
we are having issues with ipsec-pass-thorugh on the fwsm as it does not support the default inspect statement like an ASA.
Thanks,
Aqdas
02-15-2010 06:50 AM
03-08-2010 07:08 AM
any particular reason why we would use ipsec because protocol esp is also an option when configuring an access-list?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide