Does permit ip any any include gre and esp?

Login or Register to post in the forums

2 posts / 0 new
Last post
ingram
ingram's picture
Does permit ip any any include gre and esp?
Printer-friendly versionPDF version

I'm making an outbound acl with a few specific deny rules. Everything else I want permitted. Does permit ip any any include gre and esp, or will I have to write separate rules for those protocols?

ingram
ingram's picture
No, permit ip any any does

No, permit ip any any does not include gre or esp. You must put individual entries in the access-list for gre and esp, like this:

hostname(config-ext-nacl)#permit ip any any

hostname(config-ext-nacl)#permit gre any any

hostname(config-ext-nacl)#permit esp any any