No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>


To have a better experience, please upgrade your IE browser.


IPSEC—problems caused by several acl rules

Publication Date:  2012-09-11 Views:  346 Downloads:  0
Issue Description
USG2120 Constitutes ipsec with Cisco3845 router, there is no problem if write address of web server only in acl, add a town bureau network segment into acl, access failed.
Alarm Information
Handling Process
Constitute another acl, write into network segment of town bureau, constitute a strategy then, as follows:
ipsec policy map1 10 isakmp
    security acl 3000
    proposal tran1
    ike-peer b
ipsec policy map1 11 isakmp
    security acl 3001
   proposal tran1   
    ike-peer b
apply to interface, problem solved.
Root Cause
 Configure several acl rules on board-end, only one rule works, add ip address from town bureau into acl still negative.
 Pay attention to the regulation of acl.