Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

ACL for GRE over IPSec traffic

Need to place an ACL on traffic before GRE encap. Not sure if ACL will work on Tunnel interface due to sequence of events: ACL then encap or encap then ACL check.

Thanks

Jerry

2 REPLIES
New Member

Re: ACL for GRE over IPSec traffic

This document might help you determine how a packet is acted upon.

http://www.cisco.com/en/US/customer/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

Re: ACL for GRE over IPSec traffic

You place the ACL on the GRE tunnel interface. An "out" ACL will act on data packets before they are GRE encapsulated. An "in" ACL will act on data packets after they have been GRE decapsulated.

182
Views
0
Helpful
2
Replies
CreatePlease to create content