07-01-2007 06:02 PM - edited 03-11-2019 03:38 AM
I have an MPLS connection running through a pix (7.1.1) running in transparent mode but am unable to filter any of the MPLS traffic. I can ping and telnet through the pix but never see anything in my logs or connection table apart from the UDP/711 and BGP/179 traffic. Is there a way to have the pix filter MPLS-unicast traffic? I have 2 ACL's applied one that permits all ip/icmp and another to allow the MPLS-Unicast ethertype to pass. Any guidance would be greatly appreciated.
Thanks,
Rob Floyd
07-06-2007 08:28 AM
Try this:
use EtherType ACE, eg..
hostname(config)# access-list ETHER ethertype deny mpls-unicast.
07-06-2007 09:35 AM
I got confirmation that what I was attempting to do is not supported. I want to allow the MPLS unicast through but want to filter higher up the stack into specific VRF's. Not supported at this time.
Thanks,
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: