Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

SNA, Firewall and IP.

We need to send SNA traffic via the Cisco PIX Firewall. Is this possible?

Also we would like to use the same interface as we are using for SNA traffic to be configured for IP so that users can connect to it for ip purposes and also to send SNA traffic over the same interface. Is this also possible?.

And if the above are, is there a site that can tell me how to go about doing this.

Thanks

3 REPLIES
Gold

Re: SNA, Firewall and IP.

1. Are you using DLSW as transport for SNA, if so, then allowing ports 2065 and 2067 should work.

2. Pixes only really understand IP, so of your not using an IP transport, SNA will be problematic.

3. No problem.

New Member

Re: SNA, Firewall and IP.

Thanks

Yes we are going to use DLSw.

So we cannot configure the firewall to allow DLSw through. We have a remote site that wants to send SNA traffic down to the main site but we have a firewall between both sides.

So the firewall wil not allow DLSw/SNA through. How best do you think this can be configured?

Thanks

Silver

Re: SNA, Firewall and IP.

I would do it in this way:

Router at remote site should use DLSw to encapsulate SNA. At main site, dlsw peer router should be placed behind the firewall. So, the firewall would see IP traffic with remote router source address destinated to main site router (usually loopback addresses) using TCP ports 2065 and 2067. You sholud permit this IP traffic in your firewall.

HTH

458
Views
0
Helpful
3
Replies
CreatePlease to create content