Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

GRE traffic inspection by Firewall

Hi,

I have some query regarding firewalling and GRE tunnel traffic.The quieries are like this

1) Will I be able to inspect the traffic that is encapsulated on a GRE tunnel by putting a firewall (PIX or ASA) on the path of the GRE tunnel traffic.

2) If not , can i originate (or) create GRE tunnels on ASA firewalls.

3)If i use a IOS-Firewall router and if my GRE tunnel is starting on the same, will my traffic towards the GRE tunnel be inspected by the IOS FW.

Any help on these queries is appreciated

With Regards

NMG

1 REPLY
Bronze

Re: GRE traffic inspection by Firewall

hello,

1. have a pretty good feeling that you will not be able to inspect the traffic that is encapsulated on a GRE tunnel.

2. have a look at this link, it will be better then what you are trying for.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00804acfea.shtml

3. as long as the packet is not encapsulated then before entering the GRE tunnel, then "YES" the IOS FW can inspect it but if it is encapsulated ofcourse not.

HTH, please rate it.

614
Views
0
Helpful
1
Replies
CreatePlease to create content