Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1406
Views
0
Helpful
3
Replies

GRE tunnel bypass the ACL rule......?

ajf303
Level 1
Level 1

‎06-25-2013 06:03 AM - edited ‎03-04-2019 08:17 PM

                   Hi,

Ref the attached  diagram,

can anyone explain, once if i create tunnel between  router0 to Switch, and will it bypass the ACL rule....?

Labels:
Preview file
19 KB
0 Helpful
3 Replies 3

mfurnival
Level 4
Level 4

‎06-25-2013 07:12 AM

If you encapsulate the traffic in a GRE tunnel it will not hit that firewall rule because the source address will be different. Having said that, you can't terminate a GRE tunnel on a 3560 switch - you typically create GRE tunnels between routers, not switches.

0 Helpful

ajf303
Level 1
Level 1
In response to mfurnival

‎06-25-2013 12:34 PM

Yes. I practically facing this issue. we recently commionned one MPLS location which is having C881 router and it is terminated at Core HO router tru ISP.  locations need to be reach one server  at HO LAN segment with port of 135.

Existing location are working. problem is only on newly commissioned locations router, which is unable to access the server on some of the service ports(135, 25 etc..) till to create GRE tunnel b/w core router and location router.

I am not sure that ISP is blocking this ports, even we dont have any FW in b/w this network.

Is any other causes of this problem and how to make communication without GRE tunnel.

0 Helpful

mfurnival
Level 4
Level 4
In response to ajf303

‎06-26-2013 04:21 AM

So you have connectivity but it does not connect on certain ports? How have you proved this? I can't see why the service provider would have blocked anything unless you have asked them to do so.

0 Helpful
Customers Also Viewed These Support Documents