
Tunnel traffic through ZBFW


Hello,

I am trying to configure ZBFW on the MID router, using the following topology:

CiscoCOM.PNG

 

The main objective is to allow the following protocols to pass from the TEST zone to the NODO_SUC zone, with the condition that the communication must start in the TEST zone:

  • udp
  • tcp
  • ssh
  • icmp
  • isakmp

When I try to ping from 11.0.0.3 to 10.0.0.2 it works, and when I try to ping from 10.0.0.2 to 11.0.0.3 it does not work (it is OK). The problem is that when I try to ping from 192.168.1.2 to 192.168.1.1, through the tunnels, it does not work. I would like to know what the problem is here.

The configuration of both tunnels on the routers is the following:

Sucursal#sh run int tun1
Building configuration...

Current configuration : 118 bytes
!
interface Tunnel1
ip address 192.168.1.1 255.255.255.252
tunnel source 10.0.0.2
tunnel destination 11.0.0.3
end

Sucursal#

 

Test2#sh run int tun1
Building configuration...

Current configuration : 118 bytes
!
interface Tunnel1
ip address 192.168.1.2 255.255.255.252
tunnel source 11.0.0.3
tunnel destination 10.0.0.2
end

Test2#

 

I have posted the configuration of the MID router in case there are any questions about it.

 

Thanks & Regards,

Franco Riggio
