cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
597
Views
0
Helpful
2
Replies

ACL for GRE over IPSec traffic

Need to place an ACL on traffic before GRE encap. Not sure if ACL will work on Tunnel interface due to sequence of events: ACL then encap or encap then ACL check.

Thanks

Jerry

2 Replies 2

cpopour
Level 1
Level 1

This document might help you determine how a packet is acted upon.

http://www.cisco.com/en/US/customer/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

You place the ACL on the GRE tunnel interface. An "out" ACL will act on data packets before they are GRE encapsulated. An "in" ACL will act on data packets after they have been GRE decapsulated.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: