08-25-2008 05:45 PM - edited 03-11-2019 06:35 AM
is it possible to permit RIP through a 5510, using 7.2(10)2, without enabling RIP?
08-25-2008 06:38 PM
in ur case u need to run the ASA in transparant mode
in this case the ASA will work as a layer two device will not participat in any layer three addressing things and u can put it between two devices in the same ip addressing subnet
for example if u have PC >> ASA transparant mode>> router
the PC default gateway will be thw router
so if u have
Router with rip >>ASA transparnt mode>>> router with rip
those two routers can comunicate as in the same network as they connected to aswitch
however u need to permit the traffic through the ASA
just permit ip traffic for rip and multicasting for rip updates and thats it
have a look at the following link
good luck
if helpful rate
08-25-2008 06:40 PM
In transparent mode you can do this for sure. As in the 'Layer 2' mode of the firewall.
In the routed mode, you can make a GRE tunnel between the two devices and run inside it. You will then allow this GRE through the ASA.
Regards
Farrukh
08-25-2008 06:42 PM
hi Farrukh
it sounds we overlaped here :)
anyway this is 3 point for the GRE
08-25-2008 06:55 PM
Lolz OK. I think you posted while I was typing mine :)
Regards
Farrukh
08-25-2008 07:31 PM
ok, works in transparent mode, and will need a GRE tunnel to go thru routed mode... routed mode is required for the site where the 5510 is going to
one more favor; need a white page for setting up a GRE tunnel for this purpose
thanks, kevin
08-26-2008 04:12 AM
I could only find one link for GRE on the DOC-CD which is little different from your requimrent:
http://www.cisco.com/en/US/tech/tk86/tk89/technologies_configuration_example09186a008011520d.shtml
There is one with GRE OVER IPSEC:
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008023ce5b.shtml
Regards
Farrukh
08-26-2008 04:27 AM
yeah, I am unable to locate much of anything.
this is it:
08-26-2008 04:31 AM
The link you sent is to allow L2TP or PPTP though firewall. It has no direct relation to this discussion. If you want to permit GRE then you can use a similar ACL as the link, as PPTP also uses GRE. But other than that, this link is not what you are looking for.
Regards
Farrukh
08-26-2008 04:36 AM
right, but it's the only reference to a GRE ACL for a ASA that I could find.
I not so sure a GRE tunnel for IOS routers is what would work either.
thanks, Kevin
08-26-2008 04:43 AM
this link for router to router gre over IPSEC
if u want only gre ignore the ipsec configs
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008023ce5b.shtml
and the following one contains lots of gre config links
http://www.cisco.com/en/US/tech/tk827/tk369/tk287/tsd_technology_support_sub-protocol_home.html
good luck
if helpful Rate
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: