
IOS firewall on 2811

farkascsgy
Level 4

All,

I have a 2811 router with the advanced security IOS; two site-to-site VPNs are terminated on it. On the public interface I added an ACL which allows IPSec traffic and EIGRP - that's the routing protocol to the neighbor Border router. The IPSec tunnels are working, but I can't reach the Border router, even though the EIGRP process is up - the neighbor relation is up too. I also added inspection for SSH and SNMP (see attachment), but I can't reach the Border router from the internal LAN with SSH or SNMP, although I can ping.

10.x.x.201 is Loopback on Border

10.x.x.2 is a PC on LAN

If you have any ideas, please share them with me.

bye

FCS

2 Replies

a-vazquez
Level 6

Check that the access lists are created and applied on the outside interface. Check these access lists on both devices, and also check that the sources and destinations are properly given as per the scenario.

What do you mean to check? The problem is that the CBAC firewall drops the SSH connections, as you can see in the attached file.

bye

FCS
