cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


305
Views
0
Helpful
0
Replies
Highlighted
Enthusiast

FMC Tunnel & Prefilter rules

Hi. 

I believe it's a simple topic which has not been explained very clearly. I read about Tunnel & Prefilter rules on Cisco website and even on the books, but none of them was clear enough. So, Would u ask my questions here?

 

1. supposing we have not configured any Tunnel & Prefilter rules on FMC, if device gets a sample non-encrypted tunneled packet, e.g. GRE, what will be the process? Is it goes through normal Access Policies in "decapsulated" form (so access policies analyze only inner header) or in "encapsulated" form (so access policies analyze outer header)?

 

2. If we have configured a tunnel rule with "Analyze" action, will matched packets forwarded to be analyzed by normal access policies? 

 

3. supposing we have configured rules as below:

fmc5.png

 

What will happen if we get:

A) a FTP packet encapsulated inside a GRE packet 

B) a SSH packet encapsulated inside a GRE packet

C) a IPv6 FTP packet encapsulated as IPv6-in-IP

 

tnx a lot.