Each protocol also has a number, a few other people posted links to lists of
those protocol numbers. In an access list, you can specify them like this:
access-list 102 permit tcp 192.168.1.0 0.0.0.255 192.168.100.0 0.0.0.255
This would allow all TCP traffic to go from 192.168.1.0 subnet over to the
192.168.100.0 subnet... pretty standard access list command.
In that command, the keyword tcp (access-list 102 permit TCP...) specifies
the protocol in use.
If you want to allow protcol #50 instead... you would do something like
access-list 102 permit 50 192.168.1.0 0.0.0.255 192.168.100.0 0.0.0.255
Or something to that effect.
Just substitute the # of the protocol in where you would normally put "tcp"
or "udp" or "ip".
Hope this helps,
Travis Gamble
> -----Original Message-----
> From: George Zhang
> Sent: 31 August 2000 15:33
> To: [EMAIL PROTECTED]
> Subject: A question about IPSec
>
> I read the following form Cisco documentation about IPSec:
>
> "IKE uses UDP port 500. The IPSec ESP and AH protocols use
> PROTOCOL
> numbers 50 and 51. Ensure that your access-list are
> configured so that
> 50, 51 and UDP port 500 traffic is not blocked ..."
>
> My question is, what are the PROTOCOL numbers? This is the
> first time I
> read or heard about "PROTOCOL number"? I know many
> protocols by names
> such as TCP, UDP, ICMP etc, by I have never heard about
> PROTOCOL
> numbers? What protocols 50 and 51 are associated with?
> Could someone
> please explain that to me? Thanks.
>
> George Zhang, CCNP
>
>
> ___________________________________
> UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
> > ************
>
****************************************************************************
>
> The information in this e-mail is confidential to the ordinary user of the
> e-mail address to which it was addressed. If you receive it in error, you
> should not use or disseminate the information in it; instead, please
e-mail
> it back to the sender then delete the message from your system.
>
> Internet communications are not 100% secure and it is the responsibility
of
> the recipient to ensure that this email has not been tampered with and
that
> its attachments are virus free.
>
>
****************************************************************************
>
> > ************
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
