The ACL defines what is encrypted - so when your traffic hits the crypto map it checks the source and destination and compares it to the ACL. If it matches then it encrypts it and sends it down the tunnel. If you don't specify any specific ports in the ACL (as we haven't above) then any IP packets between those two hosts will be encrypted.
Ok, but if I use an ACL not in the crypto map just to block ports from being used at all, is there a way to do that without naming every port that must be blocked? For example, I have an access list like the one above used for the tunnel, but then I have another one that I blocked telnet on. In that list is there a way to block all ports not used, or do I need to have a command for each port I want blocked (such as POP3, HTTP, FTP, etc.)? Thanks for your help.
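An added example (not part of either post above): a simplified Python model of top-down, first-match ACL evaluation. It shows that a crypto ACL entry with protocol `ip` and no ports selects every packet between the two hosts for encryption, and that an interface filter ACL drops whatever its entries do not permit through the implicit deny at the end of the list. The addresses, ports and all function names are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Ace:
    """One ACL entry (simplified model; names are hypothetical)."""
    action: str                  # "permit" or "deny"
    proto: str                   # "ip" matches every IP protocol and port
    src: str                     # source network in CIDR form
    dst: str                     # destination network in CIDR form
    dport: Optional[int] = None  # None = entry names no port

    def matches(self, proto, src, dst, dport):
        return (self.proto in ("ip", proto)
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == dport))


def first_match(acl, proto, src, dst, dport=None):
    """Entries are checked top-down and the first match wins.
    Falling off the end of the list is the implicit deny."""
    for ace in acl:
        if ace.matches(proto, src, dst, dport):
            return ace.action
    return "deny"


def crypto_map_decision(crypto_acl, *pkt):
    # In a crypto ACL "permit" means "protect this traffic"; anything
    # else leaves the packet outside the tunnel, unencrypted.
    return "encrypt" if first_match(crypto_acl, *pkt) == "permit" else "clear"


def interface_decision(filter_acl, *pkt):
    # On an interface filter, anything not permitted is dropped.
    return "forward" if first_match(filter_acl, *pkt) == "permit" else "drop"


# Constructed sample ACLs (addresses and ports are illustrative only).
CRYPTO_ACL = [Ace("permit", "ip", "10.1.1.10/32", "10.2.2.20/32")]
FILTER_ACL = [Ace("permit", "tcp", "10.1.1.0/24", "0.0.0.0/0", 25),
              Ace("permit", "tcp", "10.1.1.0/24", "0.0.0.0/0", 443)]

if __name__ == "__main__":
    print(crypto_map_decision(CRYPTO_ACL, "tcp", "10.1.1.10", "10.2.2.20", 23))
    print(interface_decision(FILTER_ACL, "tcp", "10.1.1.5", "192.0.2.8", 23))
```

In this model the filter list permits only SMTP and HTTPS, so telnet, POP3, HTTP and FTP are dropped without an entry of their own.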