Cisco Support Community

Help with Access list and encrypted traffic

Dear all,

Can someone let me know which traffic is authorized with the following access list (under my WAN interface):

access-list 177 permit udp any eq non500-isakmp any eq non500-isakmp

Thanks and regards,

3 REPLIES

Re: Help with Access list and encrypted traffic

Hi,

The ACL is allowing UDP 4500 which is used for NAT-T.

The router shows it as non-500 meaning that ESP traffic is encapsulated in NAT-T.

Hope it helps.

Federico.


Re: Help with Access list and encrypted traffic

In this case, will my HTTPS traffic originating from the LAN be passed or not?

Thanks,

Re: Help with Access list and encrypted traffic

If your HTTPS traffic will go through the IPsec tunnel, it will pass (all IP traffic will)...

But if the HTTPS traffic will not go through the tunnel, then you need to permit that traffic in the ACL.

Federico.
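
An added example, not part of the original thread or any poster's code: a small Python evaluator for the ACL entry quoted above, run over the outer headers an interface ACL would see. It assumes the quoted entry is the whole list, so anything that does not match falls to the implicit deny; `Packet`, the function names and the sample packets are constructed for illustration, and only `any` addresses with `eq` port matches are handled.

```python
from collections import namedtuple

# IOS port keywords; the thread states non500-isakmp is UDP 4500.
PORT_NAMES = {"isakmp": 500, "non500-isakmp": 4500}

# Outer header as the interface ACL sees it (hypothetical helper type).
Packet = namedtuple("Packet", "proto sport dport", defaults=(None, None))

def parse_ace(line):
    """Parse 'access-list N permit|deny PROTO any [eq P] any [eq P]'."""
    tok = line.split()
    if len(tok) < 6 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
        raise ValueError("unsupported ACL line: " + line)
    action, proto, rest = tok[2], tok[3], tok[4:]
    ports = []
    for _ in range(2):  # source spec, then destination spec
        if not rest or rest.pop(0) != "any":
            raise ValueError("only 'any' addresses are handled here")
        port = None
        if len(rest) >= 2 and rest[0] == "eq":
            port = PORT_NAMES.get(rest[1]) or int(rest[1])
            rest = rest[2:]
        ports.append(port)
    return action, proto, ports[0], ports[1]

def evaluate(acl_lines, pkt):
    """First matching entry wins; no match means the implicit deny."""
    for line in acl_lines:
        action, proto, sport, dport = parse_ace(line)
        if proto not in ("ip", pkt.proto):
            continue
        if sport is not None and pkt.sport != sport:
            continue
        if dport is not None and pkt.dport != dport:
            continue
        return action
    return "deny"

ACL_177 = ["access-list 177 permit udp any eq non500-isakmp any eq non500-isakmp"]

# Constructed sample packets (outer headers only).
SAMPLES = {
    "HTTPS carried inside the NAT-T tunnel": Packet("udp", 4500, 4500),
    "HTTPS sent outside the tunnel": Packet("tcp", 51000, 443),
    "IKE on UDP 500": Packet("udp", 500, 500),
    "native ESP (no NAT-T)": Packet("esp"),
    "NAT-T with a translated source port": Packet("udp", 31337, 4500),
}

if __name__ == "__main__":
    for label, pkt in SAMPLES.items():
        print(f"{evaluate(ACL_177, pkt):6} {label}")
```

The last sample shows that the entry matches on the source port as well as the destination port, so UDP 4500 traffic whose source port is not 4500 does not match it.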
