Gre through PIX 515E

Hi,

I have a PIX515E, 5.3(2). I applied access-lists to permit only gre protocol between two stations (one from LAN, one from DMZ int) and it's not working, but when I allow only ip traffic it's working. There is no NAT from LAN to DMZ.

The same access-lists I applied on Cisco router and they were working, gre was passing, so everything was the same, except instead of pix I had router. Is there something else I must do on PIX? Or maybe upgrade to newer version? Any help is appreciated very much...

Thanks, Ivana

Reply to
Ivana Kvaka
Loading thread data ...

Hi,

Please append a statement to the accesslist denying traffic from the two stations and use the log option to have the pix log the denied packet to the console. Then see if the denied packet is the packet you expected to be allowed or see that it has a different signature than you expected.

Erik

Reply to
Erik Tamminga

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.