Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3260
Views
10
Helpful
2
Replies

How to add IP Protocol 41 (6to4 IPv6 Tunneling) to Cisco FTD?

Go to solution
GWH-jayohaitchenn
Level 1
Level 1

‎07-01-2019 02:15 AM

Hi all,

 

I am implementing Eduroam at my site and there is a list of ports that need to be allowed open to anywhere. one of these is IP Protocol 41. I cannot seem to add this as an object on my Cisco FMC.

 

I am running FTD 6.2.3.4.

 

Does anyone know how to add this port object please?

 

Thanks

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
dbgiles
Level 1
Level 1

‎10-28-2019 08:00 AM

I had this same issue. TAC assisted but here is the answer

Go into your ACL Policy for that FW

Then Click on Pre-Filter Policy - Edit

From here you can click Add Tunnel Rule

This will create a tunnel specific rule

Pretty similar to ACL policy editor except for Encapsulation & Ports tab

    which has 4 check boxes --- GRE / IP-in-IP / IPv6-in-IP / Teredo Port  (3544)

Mine looks like this

name: Permit-41 - rule type: tunnel - Source Intf: Outside - Dest Intf: Inside - Source Networks: site1,2,3 etc - dest networks: vpn1,2,3 - source port: any - dest port: IPV6(41) - vlan tag: any - Action: --> FastPath

 

View solution in original post

2 Replies 2

Go to solution
dbgiles
Level 1
Level 1

‎10-28-2019 08:00 AM

I had this same issue. TAC assisted but here is the answer

Go into your ACL Policy for that FW

Then Click on Pre-Filter Policy - Edit

From here you can click Add Tunnel Rule

This will create a tunnel specific rule

Pretty similar to ACL policy editor except for Encapsulation & Ports tab

    which has 4 check boxes --- GRE / IP-in-IP / IPv6-in-IP / Teredo Port  (3544)

Mine looks like this

name: Permit-41 - rule type: tunnel - Source Intf: Outside - Dest Intf: Inside - Source Networks: site1,2,3 etc - dest networks: vpn1,2,3 - source port: any - dest port: IPV6(41) - vlan tag: any - Action: --> FastPath

 

Go to solution
GWH-jayohaitchenn
Level 1
Level 1
In response to dbgiles

‎05-05-2020 11:57 PM

Hi,

 

I was going back through my old emails and found this reply. Thank you so much, this is the correct answer and it helped me configure GRE access for an Aruba Controller too.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card