We have a PIX 506E (running 6.3(5)) with the Cisco VPN client working fine.
However, I have a question. It is not causing any issue but I need to understand.
We disabled "sysopt connection permit-ipsec" and applied the access-l abc on the inside interface, which users establish the VPN connections through.
Somehow this access-l abc has no hits.
Can someone explain why?
access-list abc line 1 permit esp any host 192.168.0.134 (hitcnt=0)
access-list abc line 2 permit udp any host 192.168.0.134 eq isakmp (hitcnt=0)
access-list abc line 3 permit udp any host 192.168.0.134 eq 4500 (hitcnt=0)
pix# sh sysopt
no sysopt connection timewait
sysopt connection tcpmss 1380
sysopt connection tcpmss minimum 0
no sysopt nodnsalias inbound
no sysopt nodnsalias outbound
no sysopt radius ignore-secret
no sysopt uauth allow-http-cache
no sysopt connection permit-ipsec
no sysopt connection permit-pptp
no sysopt connection permit-l2tp
no sysopt ipsec pl-compatible