Re: IPSEC through cisco router

From: ron.wilkerson@gmail.com
Date: Thu Jan 22 2009 - 10:34:00 ARST


One way to see which ports/protocols are being used is to create an ACL that blocks everything and logs the message. The port/protocol info will show up in the log and you'll know what to allow in your ACL.

This works best in a lab environment, of course.

The most common ports/protocols for IPsec are:

UDP - 500 (ISAKMP)
UDP - 4500 (PAT)

Protocol 50 for ESP
Protocol 51 for AH

Ron

-----Original Message-----
From: Asim Zafar <asim.mz@gmail.com>

Date: Thu, 22 Jan 2009 17:22:22
To: Cisco certification<ccielab@groupstudy.com>
Subject: IPSEC through cisco router

Dear Group,

How can I set up a Cisco router to pass IPsec ports and create an IPsec
tunnel behind it on an ASA 5510, which will be on a private IP address?

-- 
Thanks & Regards,

Asim Zafar
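
The approach described in the reply (deny everything with logging, then read the log to decide what to permit) can be scripted. The following is an added example, not part of the original thread: it parses IOS `%SEC-6-IPACCESSLOGP` / `%SEC-6-IPACCESSLOGNP` deny messages and emits permit entries only for flows matching the ports and protocols listed above. The ACL number 101, the addresses and the log lines are constructed sample values.

```python
import re
from collections import Counter

# Constructed sample syslog lines in the IOS %SEC-6-IPACCESSLOGP / IPACCESSLOGNP
# format; ACL number 101 and all addresses are made-up documentation values.
SAMPLE_LOG = """\
Jan 22 10:30:01: %SEC-6-IPACCESSLOGP: list 101 denied udp 198.51.100.10(500) -> 203.0.113.2(500), 1 packet
Jan 22 10:30:03: %SEC-6-IPACCESSLOGP: list 101 denied udp 198.51.100.10(4500) -> 203.0.113.2(4500), 3 packets
Jan 22 10:30:09: %SEC-6-IPACCESSLOGNP: list 101 denied 50 198.51.100.10 -> 203.0.113.2, 12 packets
Jan 22 10:30:15: %SEC-6-IPACCESSLOGP: list 101 denied tcp 192.0.2.77(51514) -> 203.0.113.2(23), 1 packet
Jan 22 10:31:15: %SEC-6-IPACCESSLOGP: list 101 denied udp 198.51.100.10(500) -> 203.0.113.2(500), 2 packets
"""

# Messages with ports (tcp/udp) and without ports (protocol number, e.g. 50).
WITH_PORT = re.compile(r"IPACCESSLOGP: list (\S+) denied (tcp|udp) "
                       r"([\d.]+)\((\d+)\) -> ([\d.]+)\((\d+)\), (\d+) packet")
NO_PORT = re.compile(r"IPACCESSLOGNP: list (\S+) denied (\d+) "
                     r"([\d.]+) -> ([\d.]+), (\d+) packet")
IPSEC_PROTOS = {"50": "esp", "51": "ahp"}   # protocols listed in the thread
IPSEC_UDP = {"500", "4500"}                 # UDP ports listed in the thread

def summarize(log_text):
    """Count denied packets per (protocol, src, dst, dst_port) flow."""
    flows = Counter()
    for line in log_text.splitlines():
        if m := WITH_PORT.search(line):
            _, proto, src, _sport, dst, dport, n = m.groups()
            flows[(proto, src, dst, dport)] += int(n)
        elif m := NO_PORT.search(line):
            _, proto, src, dst, n = m.groups()
            flows[(proto, src, dst, None)] += int(n)
    return flows

def permit_entries(flows, acl="101"):
    """Emit host-specific permits only for flows that match the IPsec list."""
    out = []
    for (proto, src, dst, dport), _n in sorted(flows.items(), key=str):
        if proto == "udp" and dport in IPSEC_UDP:
            out.append(f"access-list {acl} permit udp host {src} host {dst} eq {dport}")
        elif proto in IPSEC_PROTOS:
            out.append(f"access-list {acl} permit {IPSEC_PROTOS[proto]} host {src} host {dst}")
    return out

if __name__ == "__main__":
    for entry in permit_entries(summarize(SAMPLE_LOG)):
        print(entry)
```

Unrelated denied traffic (the Telnet attempt in the sample) stays blocked because nothing outside the IPsec list is turned into a permit. IOS evaluates ACL entries top-down, so the generated permits have to sit above the logging deny entry.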




This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:39 ARST