Cisco Support Community

IOS firewall on 2811

All,

I have a 2811 router with the advanced security IOS; two site-to-site VPNs are terminated on it. On the public interface I added an ACL which allows IPSec traffic and EIGRP, which is the routing protocol to the neighbor Border router. The IPSec tunnels are working, but I can't reach the Border router, although the EIGRP process is up and the neighbor relation is up too. I also added inspection for SSH and SNMP (see attachment), but I can't reach the Border router from the internal LAN with SSH or SNMP, though I can ping.

10.x.x.201 is Loopback on Border

10.x.x.2 is a PC on LAN

If you have any idea please share with me.

bye

FCS

2 REPLIES

Re: IOS firewall on 2811

Check that the access lists are created and applied on the outside interface. Check these access lists on both devices, and also check that the sources and destinations are properly given as per the scenario.

Re: IOS firewall on 2811

What do you mean to check? The problem is that the CBAC firewall drops the SSH connections, as you can see in the attached file.

bye

FCS
