Understanding Security and Tunnel Predefined Policy Applications

When you create a policy, you can specify predefined security and tunnel applications for the policy.

Table 22 lists each supported application and gives the default port(s) and a description of each entry.

Table 22: Supported Applications

| Application | Port | Description |
|---|---|---|
| IKE | UDP source 1-65535; UDP destination 500; 4500 (used for NAT traversal) | Internet Key Exchange (IKE) is a protocol to obtain authenticated keying material for use with ISAKMP. When configuring auto IKE, you can choose from three predefined Phase 1 or Phase 2 proposals: Standard (AES and 3DES); Basic (DES and two different types of authentication algorithms); Compatible (four commonly used authentication and encryption algorithms). |
| L2TP | 1723 | L2TP combines PPTP with Layer 2 Forwarding (L2F) for remote access. |
| PPTP | — | Point-to-Point Tunneling Protocol allows corporations to extend their own private network through private tunnels over the public Internet. |
