outside ACL for watchguard VPN traffic

Jan Rockstedt · ‎07-08-2008

Hi all,

I need advice to creat a outside ACL for watchguard VPN trafic on our ASA.

Below are a old ACL but no VPN watchguard trafic.

Any sugestion?

access-list acl_outside extended permit udp host -ip numbers removed- host -ip numbers removed- eq isakmp

access-list acl_outside extended permit gre host -ip numbers removed- host -ip numbers removed-

access-list acl_outside extended permit esp host -ip numbers removed- host -ip numbers removed-

access-list acl_outside extended permit ah host -ip numbers removed- host -ip numbers removed-

Regards Jan

a.alekseev · ‎07-09-2008

udp 500, 4500

gre

esp

ah

udp 1701 (l2tp)

tcp 10000 (default port for IPSec over TCP)

ipip