01-18-2003 08:38 PM - edited 03-02-2019 04:19 AM
I updated my CBOS to 2.4.6 and decided to enable the filters to lock down the unit. Now the IPSec clients (Nortel Contivity) can't connect. I have enabled UDP port 500, and it is working up until the client starts to send ESP packets over IP protocol 50. The server respose never appears on my analyzer.
I am assuming the default "Deny All" is doing just that but can't find a way to ALLOW IP protocol 50. Any ideas out there?
Thanks
trish
01-20-2003 06:45 AM
You may have just misconfigured the filters on your 675. Look over the following URL as it gives a pretty good example of how to set up the filtering.
http://www.cisco.com/univercd/cc/td/doc/product/dsl_prod/c600s/cbos/cbos230/03chap01.htm
01-20-2003 01:15 PM
Went over that pretty thoroughly. I finally got it work by doing an ALLOW ALL incoming and outging and the bottom of my list, but i would prefer the explict allow. For it will work as the inside FW will do most of the protection, but it would be nice if CBOS recognized protocols other than just TCP/UDP/ICMP
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide