IOS firewall problem

Unanswered Question


I have an 1841 router on which I wish to run the IOS firewall. This device has a public internet connection via a VRF and I wish to put zone based firewalling in place between this and a public dmz on the same device. My problem is that I cannot seem to allow ESP/AH pass through in the firewall rules. We have other firewalls in the DMZ that terminate VPN tunnels. I have tried to create a class mapp with the match protocol ipsec statement but as soon as I put the inspect in the class map it wont allow IPSEC. Is there a special way to do this?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ebreniz Thu, 05/10/2007 - 05:57

Here we need to know what version of IOS are you using in the router also need to know whether the command is getting rejected?


This Discussion