> -----Original Message-----
> From: Jesus Gonzalez [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, 13 March 2001 10:42
> To: [EMAIL PROTECTED]
> Subject: RE: IPSEC and GRE
>
>
> Thanks to all of you for your help.
> First off, I'm running SecureZone 3.x. We are upgrading to
> Sidewinder here
> shortly.
>
> Someone mentioned
Me! Me! Me!
> that for IPSEC, I would have to open up IP
> 50 (AH) and IP
> 51 (ESP). So to clarify again, AH and ESP would NOT fall under a TCP
> property?
No. They are _IP_ protocols. TCP is an IP protocol (6) as is UDP (17). In
fact, go here: http://www.isi.edu/in-notes/iana/assignments/protocol-numbers
and go nuts.
> Then can someone explain to me why it is that a certain
> version of the Cisco
> IOS is required (I believe higher than 12.x)?
To do IPSec you need an IPSec image, which I know existed in 11.3 somewhere
as well as 12.x.
To clarify, though, it doesn't sound like you need to run IPSec on your
router - just _through_ it. This should not require any special IOS version.
> Thanks.
No worries.
Cheers,
--
Ben Nagy
Network Security Specialist
Marconi Services Australia Pty Ltd
Mb: +61 414 411 520 PGP Key ID: 0x1A86E304
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
