Re: Strange GRE issue with 12.4(19)

jamesl0112 · ‎09-08-2008

I had a strange issue recently where my 3725 running c3725-adventerprisek9-mz.124-19.bin didn't seem to allowing GRE packets or even logging that they were being dropped.

LAN clients were no longer able to connect to a PPTP server out on the internet. If the router was swapped back to the older router, it worked fine again.

The ACL on the router was copied from the original router -

60 permit gre host x.x.x.x any

70 permit tcp host x.x.x.x eq 1723 any

Where x.x.x.x is the PPTP server.

When I added log to the end, sometimes nothing would show up. It was as if the server at the other end wasn't sending back any responses after the original connection. On the other hand, sometimes it would log a packet coming back, but still, the connection would fail.

After preventing any other traffic apart from a test machine, I enabled debug ip packet and could see something going back and forth - but no connection was ever established.

I temporarily disabled the ACLS and ip inspect on the router - no change.

I then downgraded the IOS version to 12.4(12) and it has worked flawlessly ever since.

Any thoughts on why this might have fixed it? I'm glad it did, but I don't know why.

singhsaju · ‎09-08-2008

James,

I would suggest you to open a Cisco TAC case and have it investigated for bug etc .

HTH

Saju

arupbiet2006 · ‎09-08-2008

hi,

u can use this ios image c3725-adventerprisek9-mz.124-15.XZ.bin

i think it will resolve your problem

jamesl0112 · ‎09-09-2008

Hi,

Does that work for you then? Or do you have other information saying that it should work?

Having said that I couldn't see 124-15.XZ on the feature navigator.