Re: A question about IPSec
Each protocol also has a number, a few other people posted links to lists of those protocol numbers. In an access list, you can specify them like this: access-list 102 permit tcp 192.168.1.0 0.0.0.255 192.168.100.0 0.0.0.255 This would allow all TCP traffic to go from 192.168.1.0 subnet over to the 192.168.100.0 subnet... pretty standard access list command. In that command, the keyword tcp (access-list 102 permit TCP...) specifies the protocol in use. If you want to allow protcol #50 instead... you would do something like access-list 102 permit 50 192.168.1.0 0.0.0.255 192.168.100.0 0.0.0.255 Or something to that effect. Just substitute the # of the protocol in where you would normally put "tcp" or "udp" or "ip". Hope this helps, Travis Gamble > -Original Message- > From: George Zhang > Sent: 31 August 2000 15:33 > To: [EMAIL PROTECTED] > Subject: A question about IPSec > > I read the following form Cisco documentation about IPSec: > > "IKE uses UDP port 500. The IPSec ESP and AH protocols use > PROTOCOL > numbers 50 and 51. Ensure that your access-list are > configured so that > 50, 51 and UDP port 500 traffic is not blocked ..." > > My question is, what are the PROTOCOL numbers? This is the > first time I > read or heard about "PROTOCOL number"? I know many > protocols by names > such as TCP, UDP, ICMP etc, by I have never heard about > PROTOCOL > numbers? What protocols 50 and 51 are associated with? > Could someone > please explain that to me? Thanks. > > George Zhang, CCNP > > > ___ > UPDATED Posting Guidelines: > http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: > http://www.groupstudy.com > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > > > The information in this e-mail is confidential to the ordinary user of the > e-mail address to which it was addressed. If you receive it in error, you > should not use or disseminate the information in it; instead, please e-mail > it back to the sender then delete the message from your system. > > Internet communications are not 100% secure and it is the responsibility of > the recipient to ensure that this email has not been tampered with and that > its attachments are virus free. > > > > > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: A question about IPSec
from http://www.isi.edu/in-notes/iana/assignments/protocol-numbers PROTOCOL NUMBERS In the Internet Protocol version 4 (IPv4) [RFC791] there is a field, called "Protocol", to identify the next level protocol. This is an 8 bit field. In Internet Protocol version 6 (IPv6) [RFC1883] this field is called the "Next Header" field. Stefano > -Original Message- > From: George Zhang [mailto:[EMAIL PROTECTED]] > Sent: giovedì 31 agosto 2000 16.33 > To: [EMAIL PROTECTED] > Subject: A question about IPSec > > > I read the following form Cisco documentation about IPSec: > > "IKE uses UDP port 500. The IPSec ESP and AH protocols use PROTOCOL > numbers 50 and 51. Ensure that your access-list are > configured so that > 50, 51 and UDP port 500 traffic is not blocked ..." > > My question is, what are the PROTOCOL numbers? This is the > first time I > read or heard about "PROTOCOL number"? I know many protocols by names > such as TCP, UDP, ICMP etc, by I have never heard about PROTOCOL > numbers? What protocols 50 and 51 are associated with? Could someone > please explain that to me? Thanks. > > George Zhang, CCNP > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: A question about IPSec
Hi George, Hi Group, The protovol-number is a 8-bit field in the IP-Header and defines the Protocol that the packet encapsulated in the ip-header uses. Common Protocol Numbers: 1 ICMP 6 TCP 17 UDP 88 IGRP 89 OSPF You can find the complete reference at http://www.isi.edu/in-notes/iana/assignments/protocol-numbers hth Reinhold -- Reinhold Fischer CCNP/SCSA/HP Certified Consultant for Network Management On Thu, 31 Aug 2000, George Zhang wrote: > I read the following form Cisco documentation about IPSec: > > "IKE uses UDP port 500. The IPSec ESP and AH protocols use PROTOCOL > numbers 50 and 51. Ensure that your access-list are configured so that > 50, 51 and UDP port 500 traffic is not blocked ..." > > My question is, what are the PROTOCOL numbers? This is the first time I > read or heard about "PROTOCOL number"? I know many protocols by names > such as TCP, UDP, ICMP etc, by I have never heard about PROTOCOL > numbers? What protocols 50 and 51 are associated with? Could someone > please explain that to me? Thanks. > > George Zhang, CCNP > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: A question about IPSec
>From the IANA: "In the Internet Protocol (IP) [DDN], [RFC791] there is a field, called Protocol, to identify the next level protocol. This is an 8 bit field." Look here: http://www.isi.edu/in-notes/iana/assignments/protocol-numbers for all the gory details... Dale [=`) >From: George Zhang <[EMAIL PROTECTED]> >Reply-To: George Zhang <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: A question about IPSec >Date: Thu, 31 Aug 2000 09:33:24 -0500 > >I read the following form Cisco documentation about IPSec: > >"IKE uses UDP port 500. The IPSec ESP and AH protocols use PROTOCOL >numbers 50 and 51. Ensure that your access-list are configured so that >50, 51 and UDP port 500 traffic is not blocked ..." > >My question is, what are the PROTOCOL numbers? This is the first time I >read or heard about "PROTOCOL number"? I know many protocols by names >such as TCP, UDP, ICMP etc, by I have never heard about PROTOCOL >numbers? What protocols 50 and 51 are associated with? Could someone >please explain that to me? Thanks. > >George Zhang, CCNP > > >___ >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html >FAQ, list archives, and subscription info: http://www.groupstudy.com >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: A question about IPSec
Are they not the port numbers? -Original Message- From: George Zhang Sent: 31 August 2000 15:33 To: [EMAIL PROTECTED] Subject:A question about IPSec I read the following form Cisco documentation about IPSec: "IKE uses UDP port 500. The IPSec ESP and AH protocols use PROTOCOL numbers 50 and 51. Ensure that your access-list are configured so that 50, 51 and UDP port 500 traffic is not blocked ..." My question is, what are the PROTOCOL numbers? This is the first time I read or heard about "PROTOCOL number"? I know many protocols by names such as TCP, UDP, ICMP etc, by I have never heard about PROTOCOL numbers? What protocols 50 and 51 are associated with? Could someone please explain that to me? Thanks. George Zhang, CCNP ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > The information in this e-mail is confidential to the ordinary user of the e-mail address to which it was addressed. If you receive it in error, you should not use or disseminate the information in it; instead, please e-mail it back to the sender then delete the message from your system. Internet communications are not 100% secure and it is the responsibility of the recipient to ensure that this email has not been tampered with and that its attachments are virus free. > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]