07-01-2019 02:15 AM
Hi all,
I am implementing Eduroam at my site and there is a list of ports that need to be allowed open to anywhere. One of these is IP Protocol 41. I cannot seem to add this as an object on my Cisco FMC.
I am running FTD 6.2.3.4.
Does anyone know how to add this port object please?
Thanks
10-28-2019 08:00 AM
I had this same issue. TAC assisted, but here is the answer:
Go into your ACL Policy for that FW.
Then click on Pre-Filter Policy - Edit.
From here you can click Add Tunnel Rule.
This will create a tunnel-specific rule.
Pretty similar to the ACL policy editor except for the Encapsulation & Ports tab,
which has 4 check boxes: GRE / IP-in-IP / IPv6-in-IP / Teredo Port (3544).
Mine looks like this:
name: Permit-41 - rule type: tunnel - Source Intf: Outside - Dest Intf: Inside - Source Networks: site1,2,3 etc - dest networks: vpn1,2,3 - source port: any - dest port: IPV6(41) - vlan tag: any - Action: --> FastPath
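An added example, not part of the original posts and not Cisco code: the four check boxes above match on the outer IPv4 header's protocol field (41 is a protocol number, not a TCP/UDP port), and a FastPath rule lets the matched tunnel through without further inspection of the inner packet. This Python sketch classifies a raw IPv4 packet the same way and shows the inner IPv6 addresses carried by protocol 41; the function names, sample addresses and the either-port Teredo match are assumptions made for illustration.

```python
import socket
import struct

# IP protocol numbers behind three of the Encapsulation & Ports check boxes.
TUNNEL_PROTOCOLS = {47: "GRE", 4: "IP-in-IP", 41: "IPv6-in-IP"}
TEREDO_UDP_PORT = 3544  # the fourth check box is a UDP port, not a protocol

def classify_tunnel(packet: bytes):
    """Return (encapsulation, inner_summary) for a raw IPv4 packet, else (None, None)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None, None
    ihl = (packet[0] & 0x0F) * 4           # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl:
        return None, None
    proto = packet[9]                       # protocol field of the outer header
    payload = packet[ihl:]
    if proto == 17 and len(payload) >= 8:   # UDP: Teredo is identified by port
        sport, dport = struct.unpack("!HH", payload[:4])
        # Assumption for this sketch: match 3544 on either side.
        if TEREDO_UDP_PORT in (sport, dport):
            return "Teredo", None
        return None, None
    name = TUNNEL_PROTOCOLS.get(proto)
    if name == "IPv6-in-IP" and len(payload) >= 40 and payload[0] >> 4 == 6:
        # Inner IPv6 header: source at bytes 8-23, destination at bytes 24-39.
        src = socket.inet_ntop(socket.AF_INET6, payload[8:24])
        dst = socket.inet_ntop(socket.AF_INET6, payload[24:40])
        return name, f"{src} -> {dst}"
    return name, None

def build_sample(proto: int, payload: bytes) -> bytes:
    """Constructed IPv4 packet (documentation addresses, checksum left zero)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, socket.inet_aton("192.0.2.10"),
                         socket.inet_aton("198.51.100.20"))
    return header + payload

# Constructed inner IPv6 header: version 6, empty payload, next header 59 (none).
INNER_V6 = (struct.pack("!IHBB", 0x60000000, 0, 59, 64)
            + socket.inet_pton(socket.AF_INET6, "2001:db8::1")
            + socket.inet_pton(socket.AF_INET6, "2001:db8::2"))

if __name__ == "__main__":
    print(classify_tunnel(build_sample(41, INNER_V6)))
    print(classify_tunnel(build_sample(47, b"\x00\x00\x08\x00")))
    print(classify_tunnel(build_sample(17, struct.pack("!HHHH", 50000, 3544, 8, 0))))
```

Running the same classification over a capture from the Outside interface shows which inner IPv6 hosts the tunnel rule exposes, which is useful when deciding how narrowly to scope the source and destination networks.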
05-05-2020 11:57 PM
Hi,
I was going back through my old emails and found this reply. Thank you so much, this is the correct answer and it helped me configure GRE access for an Aruba Controller too.