Don't quote me, but I do believe the access list is necessary as it actually
tells the router which traffic to encrypt. PERMIT =ENCRYPT and DENY=DON'T
ENCRYPT.
I think the following Cisco link may help answer your question best.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secu
r_c/scprt4/scdipsec.htm#37434
Antero Vasconcelos wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Hi,
I have a router connected to internet and remote clients with VPN-Client
1.1. They need to browse the networkview some hosts and access to some
network services.
the service don't work until I configure the access-list in the interface
interface Serial0.80 point-to-point
description Ligacao para VPNs sobre internet ***
bandwidth 192
ip address xxx.xxx.xxx.210 255.255.255.252
ip access-group 180 in
no ip route-cache
no ip mroute-cache
no cdp enable
frame-relay interface-dlci 80
class net-112k
crypto map mymap
access-list 180 permit ahp any host xxx.xxx.xxx.210
access-list 180 permit esp any host xxx.xxx.xxx.210
access-list 180 permit udp any host xxx.xxx.xxx.210 eq isakmp
access-list 180 permit tcp any host 192.168.0.2 eq 137
access-list 180 permit tcp any host 192.168.0.2 eq 138
access-list 180 permit tcp any host 192.168.0.2 eq 139
access-list 180 permit udp any host 192.168.0.2 eq netbios-ss
access-list 180 permit udp any host 192.168.0.2 eq netbios-dgm
access-list 180 permit udp any host 192.168.0.2 eq netbios-ns
access-list 180 permit tcp any host 192.168.0.4 eq 137
access-list 180 permit tcp any host 192.168.0.4 eq 138
access-list 180 permit tcp any host 192.168.0.4 eq 139
access-list 180 permit udp any host 192.168.0.4 eq netbios-ss
access-list 180 permit udp any host 192.168.0.4 eq netbios-dgm
access-list 180 permit udp any host 192.168.0.4 eq netbios-ns
access-list 180 deny ip any any log
Isthis necessary, or i miss something
Thx in advance.
Antero Vasconcelos
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63353t=6
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]