Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
568
Views
2
Helpful
1
Replies

Cisco ASA

Go to solution
cheng.cathy
Level 1
Level 1

‎03-23-2023 03:33 PM - edited ‎04-16-2023 11:35 PM

thanks

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP

‎03-23-2023 04:44 PM

you can config control-plane ACL as you mention above 
this permit IPsec l2l and anyconnect tcp/443
but for you must consider the direction 
access-list cp-outside permit udp host 125.63.0.0 0.0.255.255 any eq 4500 
access-list cp-outside permit udp  any host 125.63.0.0 0.0.255.255 eq 4500 <<- correct one 

your OUT inteface must receive the traffic from any IP. 
Note:- do same for all  ACL line 


View solution in original post

1 Reply 1

Go to solution
MHM Cisco World
VIP
VIP

‎03-23-2023 04:44 PM

you can config control-plane ACL as you mention above 
this permit IPsec l2l and anyconnect tcp/443
but for you must consider the direction 
access-list cp-outside permit udp host 125.63.0.0 0.0.255.255 any eq 4500 
access-list cp-outside permit udp  any host 125.63.0.0 0.0.255.255 eq 4500 <<- correct one 

your OUT inteface must receive the traffic from any IP. 
Note:- do same for all  ACL line 


Customers Also Viewed These Support Documents