11-17-2010 05:17 AM
Dear all,
Can someone let me know which traffic is authorized with the following access list (under my WAN interface):
access-list 177 permit udp any eq non500-isakmp any eq non500-isakmp
Thanks and regards,
11-17-2010 05:55 AM
Hi,
The ACL is allowing UDP 4500 which is used for NAT-T.
The router shows it as non-500 meaning that ESP traffic is encapsulated in NAT-T.
Hope it helps.
Federico.
11-17-2010 07:05 AM
In this case, will my HTTPS traffic originating from the LAN be passed or not?
Thanks,
11-17-2010 07:09 AM
If your HTTPS traffic will go through the IPsec tunnel, it will pass (all IP traffic will)...
But if the HTTPS traffic will not go through the tunnel, then you need to permit that traffic in the ACL.
Federico.
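
As an added example that is not part of the original thread: a minimal Python evaluator for the ACL line in the question, run against constructed sample packets. It assumes access list 177 contains only that one entry, handles only the `any [eq port]` subset of the syntax, and uses the standard port numbers for the keywords `isakmp` (500) and `non500-isakmp` (4500).

```python
import re

# IOS port keywords -> numbers (non500-isakmp is UDP 4500, isakmp is UDP 500).
PORT_NAMES = {"isakmp": 500, "non500-isakmp": 4500}
ACE_RE = re.compile(r"access-list\s+\d+\s+(permit|deny)\s+(\w+)"
                    r"\s+any(?:\s+eq\s+(\S+))?\s+any(?:\s+eq\s+(\S+))?$")

def _port(tok):
    if tok is None:
        return None  # no "eq": any port matches
    return PORT_NAMES[tok] if tok in PORT_NAMES else int(tok)

def parse_ace(line):
    """Parse the 'any [eq P] any [eq P]' subset of an extended ACL entry."""
    m = ACE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unsupported ACL entry: {line!r}")
    action, proto, sport, dport = m.groups()
    return {"action": action, "proto": proto,
            "sport": _port(sport), "dport": _port(dport)}

def evaluate(aces, pkt):
    """First matching entry wins; anything unmatched hits the implicit deny."""
    for ace in aces:
        if ace["proto"] not in ("ip", pkt["proto"]):
            continue
        if ace["sport"] is not None and ace["sport"] != pkt.get("sport"):
            continue
        if ace["dport"] is not None and ace["dport"] != pkt.get("dport"):
            continue
        return ace["action"]
    return "deny"

ACL = [parse_ace("access-list 177 permit udp any eq non500-isakmp any eq non500-isakmp")]

# Constructed sample packets (not taken from the thread).
SAMPLES = {
    "nat-t 4500->4500": {"proto": "udp", "sport": 4500, "dport": 4500},
    "nat-t, source port rewritten": {"proto": "udp", "sport": 31022, "dport": 4500},
    "ike 500->500": {"proto": "udp", "sport": 500, "dport": 500},
    "native esp": {"proto": "esp"},
    "https reply outside tunnel": {"proto": "tcp", "sport": 443, "dport": 51514},
}

def verdicts():
    return {name: evaluate(ACL, pkt) for name, pkt in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdict in verdicts().items():
        print(f"{verdict:6} {name}")
```

Only the first sample is permitted; everything else, including HTTPS that does not ride inside the tunnel, falls through to the implicit deny at the end of the list.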