Hi all. Below is a small portion of my cisco 1841 config.
crypto map mapname 10 ipsec-isakmp
set peer x.x.x.x
set transform-set myset
match address 120
access-list 120 permit ip 192.168.9.0 0.0.0.255 172.16.1.0 0.0.0.255 eq 80
access-list 120 deny ip 192.168.9.0 0.0.0.255 172.16.1.0 0.0.0.255
Base on the above codes i would like to know if the access-list 120 can be use to restrict access only to port 80 and nothing else on the subnet 172.16.1.0 since it is used in crypto map. Because i thought crypto map is only use to determine which traffic to encrypt and not use to deny/permit traffic.