06-25-2013 06:03 AM - edited 03-04-2019 08:17 PM
Hi,
Ref. the attached diagram,
can anyone explain: once I create a tunnel between Router0 and the Switch, will it bypass the ACL rule?
06-25-2013 07:12 AM
If you encapsulate the traffic in a GRE tunnel it will not hit that firewall rule because the source address will be different. Having said that, you can't terminate a GRE tunnel on a 3560 switch - you typically create GRE tunnels between routers, not switches.
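The effect described in the reply above, as an added example that is not part of the original thread: a stateless ACL matches only the outermost IP header, so a rule written for the inner source address and TCP port never matches the GRE-encapsulated copy. All addresses and both rule sets are constructed for illustration; the second rule set shows the filter also handling protocol 47.

```python
import socket
import struct

GRE, TCP = 47, 6  # IP protocol numbers

def ipv4(src, dst, proto, payload):
    """Minimal 20-byte IPv4 header (checksum left at 0) plus payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def tcp(sport, dport):
    """Minimal 20-byte TCP header with SYN set."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 8192, 0, 0)

def gre(inner):
    """Basic 4-byte GRE header (no options), protocol type 0x0800 = IPv4."""
    return struct.pack("!HH", 0, 0x0800) + inner

def classify(packet):
    """Fields a stateless L3/L4 ACL sees: the outermost header only."""
    proto = packet[9]
    ihl = (packet[0] & 0x0F) * 4
    dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0] if proto == TCP else None
    return {"proto": proto, "src": socket.inet_ntoa(packet[12:16]),
            "dst": socket.inet_ntoa(packet[16:20]), "dport": dport}

def evaluate(packet, rules):
    """First-match ACL evaluation with an implicit deny at the end."""
    seen = classify(packet)
    for action, match in rules:
        if all(seen[k] == v for k, v in match.items()):
            return action
    return "deny"

# Constructed sample data (not taken from the thread or its diagram).
HOST, SERVER = "10.1.1.10", "10.2.2.20"
TUN_SRC, TUN_DST = "192.0.2.1", "192.0.2.2"
ACL = [("deny", {"proto": TCP, "src": HOST, "dport": 135}), ("permit", {})]
ACL_GRE_AWARE = [("deny", {"proto": GRE})] + ACL  # drop GRE where no tunnel is expected
direct = ipv4(HOST, SERVER, TCP, tcp(40000, 135))
tunnelled = ipv4(TUN_SRC, TUN_DST, GRE, gre(direct))

if __name__ == "__main__":
    for name, pkt in (("direct", direct), ("tunnelled", tunnelled)):
        print(name, classify(pkt), evaluate(pkt, ACL), evaluate(pkt, ACL_GRE_AWARE))
```
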
06-25-2013 12:34 PM
Yes. I am practically facing this issue. We recently commissioned one MPLS location which has a C881 router, and it is terminated at the Core HO router through the ISP. The locations need to reach one server on the HO LAN segment on port 135.
The existing locations are working. The problem is only on the newly commissioned location's router, which is unable to access the server on some of the service ports (135, 25, etc.) until we create a GRE tunnel between the core router and the location router.
I am not sure that the ISP is blocking these ports; we don't even have any FW in between in this network.
Are there any other causes of this problem, and how can we make communication work without the GRE tunnel?
06-26-2013 04:21 AM
So you have connectivity but it does not connect on certain ports? How have you proved this? I can't see why the service provider would have blocked anything unless you have asked them to do so.