Don't quote me, but I do believe the access list is necessary as it actually tells the router which traffic to encrypt. PERMIT =ENCRYPT and DENY=DON'T ENCRYPT.
I think the following Cisco link may help answer your question best. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secu r_c/scprt4/scdipsec.htm#37434 ""Antero Vasconcelos"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi, > I have a router connected to internet and remote clients with VPN-Client > 1.1. They need to browse the networkview some hosts and access to some > network services. > > the service don't work until I configure the access-list in the interface > > interface Serial0.80 point-to-point > description **** Ligacao para VPNs sobre internet *** > bandwidth 192 > ip address xxx.xxx.xxx.210 255.255.255.252 > ip access-group 180 in > no ip route-cache > no ip mroute-cache > no cdp enable > frame-relay interface-dlci 80 > class net-112k > crypto map mymap > > access-list 180 permit ahp any host xxx.xxx.xxx.210 > access-list 180 permit esp any host xxx.xxx.xxx.210 > access-list 180 permit udp any host xxx.xxx.xxx.210 eq isakmp > access-list 180 permit tcp any host 192.168.0.2 eq 137 > access-list 180 permit tcp any host 192.168.0.2 eq 138 > access-list 180 permit tcp any host 192.168.0.2 eq 139 > access-list 180 permit udp any host 192.168.0.2 eq netbios-ss > access-list 180 permit udp any host 192.168.0.2 eq netbios-dgm > access-list 180 permit udp any host 192.168.0.2 eq netbios-ns > access-list 180 permit tcp any host 192.168.0.4 eq 137 > access-list 180 permit tcp any host 192.168.0.4 eq 138 > access-list 180 permit tcp any host 192.168.0.4 eq 139 > access-list 180 permit udp any host 192.168.0.4 eq netbios-ss > access-list 180 permit udp any host 192.168.0.4 eq netbios-dgm > access-list 180 permit udp any host 192.168.0.4 eq netbios-ns > access-list 180 deny ip any any log > > Isthis necessary, or i miss something???? > > > > Thx in advance. > Antero Vasconcelos Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63353&t=63333 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
