srue Tue, 07/14/2009 - 10:01

UDP 500 for phase 1.

e.g.: access-list ACL_NAME permit udp any host x.x.x.x eq 500

Protocol ESP for phase 2.

e.g.: access-list ACL_NAME permit esp any host x.x.x.x


If NAT-T is used, UDP/TCP 10000 depending on your configuration, or whatever other port you configure for this.

Jon Marshall Tue, 07/14/2009 - 10:02

Harrison


UDP 500 - ISAKMP

ESP 50 - IPSEC


Optionally -


ISAKMP NAT-Traversal - UDP 4500 (NAT-T)

IPSEC Over UDP - UDP 10000 (Default)

IPSEC Over TCP - TCP 10000 (Default)


Jon

srue Tue, 07/14/2009 - 10:22

Eek... I can never remember 4500 for some reason.
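
The following is an added example, not part of the thread or any poster's code: a small first-match audit that reports, for each transport listed above, whether an ACL lets it reach the VPN endpoint. The ACL name OUTSIDE_IN, the RFC 5737 addresses and the function names are assumptions, and only `any`/`host` addresses with `eq` ports are supported.

```python
import re

# Transports named in the thread: label -> (protocol, destination port)
IPSEC_FLOWS = {
    "ISAKMP (phase 1)": ("udp", 500),
    "ESP (phase 2)": ("esp", None),
    "NAT-T": ("udp", 4500),
    "IPsec over UDP (default)": ("udp", 10000),
    "IPsec over TCP (default)": ("tcp", 10000),
}
PROTO_ALIASES = {"50": "esp", "17": "udp", "6": "tcp"}
PORT_ALIASES = {"isakmp": 500, "non500-isakmp": 4500}  # IOS port keywords
ADDR = r"(any|host\s+\S+)"  # assumption: only 'any' and 'host A.B.C.D' forms
ACE = re.compile(rf"^access-list\s+\S+\s+(?:extended\s+)?(permit|deny)\s+(\S+)"
                 rf"\s+{ADDR}\s+{ADDR}(?:\s+eq\s+(\S+))?$", re.I)

# Constructed sample ACL (RFC 5737 documentation addresses), not from the thread
SAMPLE_ACL = """\
access-list OUTSIDE_IN remark constructed sample
access-list OUTSIDE_IN permit udp any host 192.0.2.10 eq 500
access-list OUTSIDE_IN permit esp any host 192.0.2.10
access-list OUTSIDE_IN deny udp any host 192.0.2.10 eq 10000
"""

def addr_matches(spec, ip):
    return spec.lower() == "any" or spec.split()[1] == ip

def evaluate(acl_text, src, dst, proto, dport):
    """Top-down, first-match evaluation of one flow against the ACL."""
    for line in map(str.strip, acl_text.splitlines()):
        m = ACE.match(line)
        if not m:
            if line and " remark " not in line:
                raise ValueError(f"unsupported ACL line: {line}")
            continue
        action, ace_proto, ace_src, ace_dst, ace_port = m.groups()
        ace_proto = PROTO_ALIASES.get(ace_proto.lower(), ace_proto.lower())
        if ace_proto not in ("ip", proto) or not (
                addr_matches(ace_src, src) and addr_matches(ace_dst, dst)):
            continue
        if ace_port is not None and str(
                PORT_ALIASES.get(ace_port.lower(), ace_port)) != str(dport):
            continue
        return action.lower()
    return "implicit deny"  # nothing matched: the ACL's implicit deny applies

def audit(acl_text, peer, vpn_host):
    return {label: evaluate(acl_text, peer, vpn_host, proto, port)
            for label, (proto, port) in IPSEC_FLOWS.items()}
```

Running `audit(SAMPLE_ACL, "198.51.100.7", "192.0.2.10")` on the sample shows NAT-T falling through to the implicit deny, the UDP 4500 entry the last post says is easy to forget.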
