Using GRE ACL???

Unanswered Question
Feb 20th, 2007

Hi Guys,

I'm setting up a HO router with a VPN router. Before I tried to set this up using just ACLS but no luck. so now I've set it up with a tunnel on both ends, the crypto map configs. I can now ping both ends of the tunnel but I'm unsure of the GRE config i need to apply on my ACL. Can I create the following ACL ?

ip access-list extended RCHomeOfficeCrypto_ACL

permit gre host 66.28.244.18 host 213.94.219.249

permit ip 172.16.0.0 0.0.255.255 172.17.25.80 0.0.0.15

permit ip 172.17.0.0 0.0.255.255 172.17.25.80 0.0.0.15

permit ip 192.168.0.0 0.0.255.255 172.17.25.80 0.0.0.15

permit ip 192.206.209.0 0.0.0.255 172.17.25.80 0.0.0.15

All other similar types i've set up i just used GRE statement and using BGP for the rest but for this HO it doesn't support BGP so i'm just trying to set it up using ACLs.

Any ideas?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bwalchez Mon, 02/26/2007 - 07:23

P Security (IPSec) provides secure tunnels between two peers, such as two routers. You can define which packets are to be considered sensitive and sent through these secure tunnels. You can also define the parameters which should be used to protect these sensitive packets, by specifying characteristics of these tunnels. When the IPSec peer sees a sensitive packet, it sets up the appropriate secure tunnel and sends the packet through the tunnel to the remote peer.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_fix/826/swg/routconf.htm#wp1087159

Actions

This Discussion