Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

Trust IPSec traffic and avoid going through access control lists

IS there a command for ios routers like the pix command

--- sysopt connection permit-ipsec---

which will bypass the outside access-lists.

1 REPLY
Silver

Re: Trust IPSec traffic and avoid going through access control l

No, If you have an ACL on an interface you have to permit the IPSec traffic in the list.

Also, if the traffic is decrypted on the router with the ACL, in earlier IOS versions you had to permit the decrypted addresses and protocols in the ACL as well. This feature did change as IOS developed, may be worth researching if your likely to be affected by this.

Andy

124
Views
0
Helpful
1
Replies
CreatePlease to create content