i was configuring an access-list on a FWSM and came across an option which i think might help me reduce the number of access-list statements.
access-list xxxxx extended permit ipsec a.a.a.a a.a.a.a
could some one tell me if the ipsec option in the access-list dynamically allow all the ports associated with ipsec connection like ESP, udp 500 or udp 4500 ?
if not than what will it allow.
we are having issues with ipsec-pass-thorugh on the fwsm as it does not support the default inspect statement like an ASA.