Hi,

I have implemented an IPSEC tunnel between a Cisco 1750 router and a Cisco PIX 520. The tunnel is configured to be between the inside segment (Server LAN) of the PIX and the LAN (client end) behind the Cisco router. The access-list applied for the match address permits IP access from end to end.

In order to tighten the security, I have modified the access-list with restrictions allowing only the specific ports from the client end to the Server LAN. While applying the access-list I got a warning message in the PIX saying "THIS WILL CAUSE PERFORMANCE IMPACT". After applying the same, I observed that there is a severe impact on the data transfer between the client and the server. The FTP session starts, but the data transfer does not occur.

Can I have some expert opinions on this problem? Can't I have port restrictions over the tunnel?

Thanx
reddy

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
