Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
575
Views
0
Helpful
0
Replies

FMC Tunnel & Prefilter rules

ciscoworlds
Level 4
Level 4

‎03-09-2018 05:28 AM - edited ‎02-21-2020 07:29 AM

Hi. 

I believe it's a simple topic which has not been explained very clearly. I read about Tunnel & Prefilter rules on Cisco website and even on the books, but none of them was clear enough. So, Would u ask my questions here?

 

1. supposing we have not configured any Tunnel & Prefilter rules on FMC, if device gets a sample non-encrypted tunneled packet, e.g. GRE, what will be the process? Is it goes through normal Access Policies in "decapsulated" form (so access policies analyze only inner header) or in "encapsulated" form (so access policies analyze outer header)?

 

2. If we have configured a tunnel rule with "Analyze" action, will matched packets forwarded to be analyzed by normal access policies? 

 

3. supposing we have configured rules as below:

fmc5.png

 

What will happen if we get:

A) a FTP packet encapsulated inside a GRE packet 

B) a SSH packet encapsulated inside a GRE packet

C) a IPv6 FTP packet encapsulated as IPv6-in-IP

 

tnx a lot.

Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card