Appendix D
Addresses, Protocols, and Ports Reference
Protocols and Applications
This section provides information about the protocols and applications with which you may need to work
when configuring the FWSM. It includes the following topics:
Possible literal values are ahp, eigrp, esp, gre, icmp, igmp, igrp, ip, ipinip, ipsec, nos, ospf, pcp, snp,
tcp, and udp. You can also specify any protocol by number. The esp and ah protocols only work in
conjunction with Private Link.
The FWSM does not pass multicast packets. Many routing protocols use multicast packets for data
Note
transfer. If you need to send routing protocols across the FWSM, configure the routers with the Cisco
IOS software neighbor command. We consider it inherently dangerous to send routing protocols across
the FWSM. If the routes on the unprotected interface are corrupted, the routes transmitted to the
protected side of the firewall will pollute routers there as well.
Table D-2
Table D-2
Literal
ah
eigrp
esp
gre
icmp
igmp
igrp
ip
ipinip
nos
ospf
pcp
snp
tcp
udp
Protocol numbers can be viewed online at the IANA website:
http://www.iana.org/assignments/protocol-numbers
OL-6392-01
lists the numeric values for the protocol literals.
Protocol Literal Values
Value
Description
51
Authentication Header for IPv6, RFC 1826
88
Enhanced Interior Gateway Routing Protocol
50
Encapsulated Security Payload for IPv6, RFC 1827
47
generic routing encapsulation
1
Internet Control Message Protocol, RFC 792
2
Internet Group Management Protocol, RFC 1112
9
Interior Gateway Routing Protocol
0
Internet Protocol
4
IP-in-IP encapsulation
94
Network Operating System (Novell's NetWare)
89
Open Shortest Path First routing protocol, RFC 1247
108
Payload Compression Protocol
109
Sitara Networks Protocol
6
Transmission Control Protocol, RFC 793
17
User Datagram Protocol, RFC 768
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
Protocols and Applications
D-5