Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

GRE Tunnels and Firewall

I have about 12 remote sites all connected to a central Cisco 2811 router using GRE tunnels across ADSL. The 2811 is separated from the Central LAN by a Nokia firewall.At the moment all the remote sites can route to each other via the central 2811 router but I want all this traffic to go through the firewall so I can do some filtering (don't really want to use ACLs as I want to centralise the filtering on the firewall). The only 2 options I can think of are to either create a GRE tunnel directly from the remote router and the Nokia firewall (don't like the idea of this though). Alternatively create a route-map to force all traffic incoming from each remote site up to the firewall. I tried the route-map some time ago and had some problems though. Anyone have any other suggestions ? Thanks

Hall of Fame Super Silver

Re: GRE Tunnels and Firewall


It seems to me that the best option is Policy Based Routing to take traffic that comes in on a GRE tunnel and send it out the interface to the firewall.

I am not sure what problem you had before when you tried it. But I believe the PBR would work for you to accomplish what you need.



CreatePlease login to create content