6509, GRE & FWSM

Answered Question
Jun 12th, 2007

I'm trying to confirm the following but can't seem to find the 2 answers that I need. Can anyone help.

We will be using GRE tunnels from remote sites that terminate on 6509 switches in the primary site to get multicast across a providers cloud.

I know that both the 7204 & 6509 that we are using can support GRE tunnelling and have it in place on a test network.

The 2 Questions

1. Does the 6509 with FWSM still support GRE tunnels (I know pix don't)?

2. Can the FWSM inspect packets arriving on the tunnel interface and leaving out a physically routed port or even a vlan interface?

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 9 years 7 months ago

Hi

Are you askin if the FWSM supports GRE or the 6500 with a FWSM in it. If the second then yes the 6500 will still support a GRE tunnel.

Could you be a bit more specific in question 2. The FWSM deals with vlan interfaces and bridge groups. You could terminate the GRE tunnel onto a router in a DMZ and then inspect the traffic.

HTH

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jon Marshall Tue, 06/12/2007 - 23:03

Hi

Are you askin if the FWSM supports GRE or the 6500 with a FWSM in it. If the second then yes the 6500 will still support a GRE tunnel.

Could you be a bit more specific in question 2. The FWSM deals with vlan interfaces and bridge groups. You could terminate the GRE tunnel onto a router in a DMZ and then inspect the traffic.

HTH

Jon

Mel Popple Thu, 06/21/2007 - 04:22

Sorry about the delay in response.

I think you answered both questions for me. It would be preferrable to terminate the tunnels on an external router that attaches to the 6500 and then inspect the traffic as it pass through the switch

Actions

This Discussion