Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

tunnel snmp traffic

I have a router R0 , RO's f0/0 connects to a server and R0 also use the F0/0 as a gre tunnel's source interface . this tunnel's destination is the R3's f0/0 . and 1 smtp server connects to router R3. the server need to connect to the server's TCP port 25. and i put a acl on R0's f0/0

int f0/0

ip access-group snmp in

ip access-list extended snmp

permit tcp host host eq 25

there is no other ACL between this 2 servers.

but the server still can not access server by using tcp port 25.

since the tunnel 0 also use f0/0 as source interface , i guess maybe i need to add one more line for ACL snmp

permit tcp host eq 25 host

Please help me for this issue. if my guess is wrong , what is the right sloution .

  • LAN Switching and Routing
Hall of Fame Super Silver

Re: tunnel snmp traffic

Hello Yang,

you are right

the ACL should be written has:

permit tcp host eq 25 host

I would test this with the following:

just remove the ACL you have applied on the tunnel interface.

Test it without any ACL.

In these conditions can server connect to

Try with the modified ACL and see the behaviour.

your original ACL should match with traffic sent out the tunnel if R0 sees tunnel0 as the outgoing interface to reach

Hope to help


New Member

Re: tunnel snmp traffic

I can not test it since i need to submit change request before i change ACL.

This widget could not be displayed.