Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
380
Views
0
Helpful
1
Replies

IKE, IPSec negotiation

gsebk
Level 1
Level 1

‎11-04-2002 03:14 AM - edited ‎02-21-2020 12:09 PM

Hi all,

My question is whether during the IKE and IPSec initialization (phase one and two) other than UDP 500 (ISAKMP), IP 50 (IPSec ESP) and IP 51 (IPSec AH) ports are in use. It seems that if in access-list only these ports are permitted as incoming traffic and nothing else the peers don't negotiate anything.

Bye!

Gabor

Labels:
0 Helpful
1 Reply 1

hucuncu
Level 1
Level 1

‎11-04-2002 04:32 AM

Hi Gabor,

Protocol 17 should also be permitted.

"IPSec uses IP protocols 50 and 51, and IKE traffic passes on protocol 17, port 500 (UDP 500). Make sure these are permitted appropriately. "

Have a nice day,

Onur

0 Helpful
Customers Also Viewed These Support Documents