is there a command in IOS that allows encrypted traffic to bypass the external access-list of a router. I only want the ipsec ports in the external ACL - I do not really want to list the remote and local encryption domain in the acl.
I haven't personally tested it yet (because the code isn't available), but the fix is supposedly in the 4th release of the 12.3T train, so that'd be the next release after 12.3(7)T. It may or may not be 12.3(8)T, depends on the timing of the next release, but if you upgrade to this when it becomes available you should be able to remove the local/remote networks from your ACL.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...