Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
289
Views
0
Helpful
2
Replies

GRE and PIX

susanto_leman
Level 1
Level 1

‎08-05-2003 07:28 PM - edited ‎02-20-2020 10:54 PM

Hi All,

I want to do the tunnelling in GRE or IPIP mode on the router behind the firewall. Then I do static NAT on the router for the tunnel source. I have opened ip any any and GRE for that static IP but somehow, I got error messages such as no xlate..My PIX image is 6.2. Does 6.2 support GRE-passthru ??

How about 6.3(2) ??

any comments will be appreciated ...

thanks and regards

susanto

0 Helpful
2 Replies 2

drolemc
Level 6
Level 6

‎08-11-2003 01:02 PM

The 'no xlate' message indicates a problem with the translations. If the GRE router is located behind a PIX, it's better to let the PIX handle the translations (nat/pat etc).You could refer to the configuration example at http://www.cisco.com/warp/public/707/ipsecgrenat.html. You couls laso refer to http://www.cisco.com/warp/public/707/gre_ipsec_ospf.html.

0 Helpful

ncorder
Level 1
Level 1

‎08-14-2003 10:56 AM

6.3 does handle GRE better. 6.3 has a pptp fixup option so if you happen to be trying to connect to a PPTP vpn then just enable pptp fixup and it will work. There is a bug in 6.3(1) that sometimes makes you try to connect twice before it works but 6.3(2) is supposed to fix that.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card