Network Architecture
PCHost------Router2851-----PIX---------------Internet----------------- Router-------PCHost
Both end routers configured for GRE VPN tunnel, if i put PIX between Internet link & Router2851. internet is working fine on PCHOST, but VPN tunnel goes down, how can i allow GRE VPN traffic thru PIX.
VPN tunnel working properly without PIX.
I tried
access-list 1 permit gre any any
this did not work
Can someone help me in this regards ?
Thanks, Pritam
Permiting GRE on my access lists works fine for me. Are You sure, You are modyfing the access lists that's connected to the correct inferace?
Are you using static NAT for the PCHOST ? If not, are you at least using a global pool (i.e., a 'global' statement with an IP range) for it? You can't use GRE through PAT (port address translation, a 'global' statement with a single IP.)
I m very mutch sure i ve applied that access list to correct interface nameif ethernet0 outside security0 nameif ethernet1 inside security100 access-group out in interface outside access-group in in interface inside access-list out permit gre any any access-list in permit gre any any access-list in permit ip any any
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.