If using Encryption (DES, 3DES) the following will work:
ip access-list extended VPN
permit esp host 10.1.1.1 host 10.1.2.1
permit udp host 10.1.1.1 host 10.1.2.1 eq isakmp
If using on Authentication header only (MD5, SHA1) the following will work:
ip access-list extended VPN
permit ahp ho
ED]]
> Sent: Monday, March 12, 2001 3:15 PM
> To: 'kevin smith'; [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: RE: Access list to deny IPSEC on c1600
>
> I have the security specialization and have been doing security for the
> last
> 3 years. I have
Block ports 500(isakmp), 50(esp) and 51(ahp).
-Original Message-
From: Gil Shulman [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 12, 2001 6:37 AM
To: 'Damien Kelly'; '[EMAIL PROTECTED]'
Subject: RE: Access list to deny IPSEC on C1600
Hi,
The IPSEC protoc
CTED]...
> Get you facts straight before you send a message to the entire group
>
> > -Original Message-
> > From: kevin smith [SMTP:[EMAIL PROTECTED]]
> > Sent: Monday, March 12, 2001 2:45 PM
> > To: [EMAIL PROTECTED]
> > Cc: [EMAIL PROTECTED]
> > Subject
, March 12, 2001 9:45 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: Access list to deny IPSEC on c1600
i see you are not much of security p.
because there is another term in sec
for hash.
so much for trying to help out and correct
some mistake by fello lisp server users.
that is it for
Get you facts straight before you send a message to the entire group
> -Original Message-
> From: kevin smith [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, March 12, 2001 2:45 PM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: RE: Access list to deny IPS
i see you are not much of security p.
because there is another term in sec
for hash.
so much for trying to help out and correct
some mistake by fello lisp server users.
that is it for me no more helping out
i wonder if everyone at orbicom is
incooperative as u
--
i do not know what you been smoking but
the udp is 500 for ipsec iskmp (or simply ike)
you can verify simply checkin on your
winx machine's port list.
50 and 51 is not related to ipsec port but
they are protocols.
of course related to ipsec.
---
FREE!
Hi,
The IPSEC protocol uses UDP port 500.
Gil
-Original Message-
From: Damien Kelly [mailto:[EMAIL PROTECTED]]
Sent: ??? ??? 12 ??? 2001 12:33
To: '[EMAIL PROTECTED]'
Subject: Access list to deny IPSEC on C1600
Hi All
One of our office is on ISDN dialup and has
Hi All
One of our office is on ISDN dialup and has a firewall behind it on the LAN,
we have an issue with the line connecting to the ISP every min, 24 x 7, as
you can imagine the ISDN bill is huge. We have determined the VPN link is
cauing the dialup's. The Cisco is a 1603, I want to create a
10 matches
Mail list logo