All,
In a crypto acl ordanarily I would use something akin to:
permit ip source_ip + mask destination_ip + mask
My googling suggests that this is alway the way a crypto acl would be built, however, surely one could use TCP and port no's to be more specific.
Previous posts suggest not but I cannot find a good explaination as to why.
Regards
Darren