Cisco Support Community
New Member

firewall IOS + easy VPN

I have a Cisco router with firewall IOS and an Internet connection. On the outside interface there is an access list that denies anything from outside, and on the inside interface there are inspection rules. I would like to configure Easy VPN client so that users can connect. This configuration causes a problem for a remote user connecting to the internal network.

New Member

Re: firewall IOS + easy VPN

Any suggestions?

New Member

Re: firewall IOS + easy VPN

I need your help with this issue. What ACLs are needed on the outside interface to enable an Easy VPN connection? Users will be able to connect to the inside network through Easy VPN only. Regards

Re: firewall IOS + easy VPN


You should permit UDP 500 and the ESP protocol on the outside interface's inbound ACL for EZVPN to work.

Again, if the clients are using NAT-T, then you have to allow UDP 500 and UDP 4500.

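If the outside interface is S0/0 and its IP is A.B.C.D, then use this:

! IKE (ISAKMP) and ESP from any client to the router's outside address
access-list 121 permit udp any host A.B.C.D eq 500
access-list 121 permit esp any host A.B.C.D
! Apply the ACL inbound on the outside interface
int S0/0
 ip access-group 121 in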

Hope this helps.
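A way to check an inbound ACL against the flows named in the answer above, as an added example that is not part of the original thread. It evaluates entries top-down the way IOS does, so it also catches permits placed after an existing deny, which never match. Assumptions: 203.0.113.10 stands in for A.B.C.D, the sample configs are constructed, the function names are hypothetical, and only the `any` and `host` address forms are parsed.

```python
import re

# Constructed sample configs; 203.0.113.10 stands in for the page's A.B.C.D.
ANSWER_ACL = """\
access-list 121 permit udp any host 203.0.113.10 eq 500
access-list 121 permit esp any host 203.0.113.10
"""
SHADOWED_ACL = """\
access-list 122 deny ip any any log
access-list 122 permit udp any host 203.0.113.10 eq isakmp
access-list 122 permit udp any host 203.0.113.10 eq non500-isakmp
access-list 122 permit esp any host 203.0.113.10
"""
PORT_NAMES = {"isakmp": 500, "non500-isakmp": 4500}
ACE = re.compile(r"\s*access-list\s+(\d+)\s+(permit|deny)\s+(\S+)\s+(any|host\s+\S+)\s+"
                 r"(any|host\s+\S+)(?:\s+eq\s+(\S+))?(?:\s+log)?\s*$", re.IGNORECASE)

def parse_acl(config, acl_id):
    """Return the ACL's entries, in order, as (action, proto, src, dst, port)."""
    entries = []
    for line in config.splitlines():
        m = ACE.match(line)
        if not m or m.group(1) != str(acl_id):
            continue
        action, proto, src, dst = (" ".join(g.lower().split()) for g in m.group(2, 3, 4, 5))
        port = m.group(6)
        if port is not None:
            port = PORT_NAMES.get(port.lower(), int(port) if port.isdigit() else -1)
        entries.append((action, proto, src, dst, port))
    return entries

def first_match(entries, proto, port, dst_ip):
    """IOS stops at the first matching entry; no match means the implicit deny."""
    for action, e_proto, src, dst, e_port in entries:
        if (src == "any"  # simplification: only entries covering every client source count
                and e_proto in (proto, "ip")
                and dst in ("any", f"host {dst_ip}")
                and e_port in (None, port)):
            return action
    return "deny"

def easyvpn_gaps(config, acl_id, outside_ip, nat_t=True):
    """Names of the Easy VPN flows the inbound ACL does not permit."""
    required = [("udp", 500, "IKE"), ("esp", None, "ESP")]
    if nat_t:
        required.append(("udp", 4500, "NAT-T"))
    entries = parse_acl(config, acl_id)
    return [name for proto, port, name in required
            if first_match(entries, proto, port, outside_ip) != "permit"]
```

Run against the ACL from the answer, `easyvpn_gaps(ANSWER_ACL, 121, "203.0.113.10")` reports only the NAT-T flow as missing; against the constructed ACL 122 it reports all three, because the leading deny matches first.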
