Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ISIS/CLNS and PIX Firewall

Dear All,

I have a PIX Firewall that protect an IP network.

Can I use the same PIX to protect and filter some ISIS/CLNS traffic.

If yes how? and if no how can I protect my ISIS/CLNS network (filtering the CLNS Traffic) ?

Regards

2 REPLIES
Cisco Employee

Re: ISIS/CLNS and PIX Firewall

By default PIX will block/deny everything from outside to inside unless explicitly permitted using the access-list. Furthermore, PIX does not participate and/or advertise any routing protocol updates. It only learns/supports RIP updates passively, does not advertise further.

I guess that answers your question about ISIS/CLSN.

If you want two peers to build neighbor relationship for any routing protocol through PIX, use GRE tunnel to do this. There are some sample configs on CCO.

HTH

R/Yusuf

New Member

Re: ISIS/CLNS and PIX Firewall

ISIS and CLNS is OSI stuff. More exactly: CLNS is a service which is built on

- ISIS

- CLNP

- ES-IS

The PIX is an IP device. Therefore, filtering e. g. clnp packets is not possible.

296
Views
0
Helpful
2
Replies