Hello,
I am testing an IPSEC VPN site to site on PIX 515 6.3(4)
Behind each PIX, I've got a router having all the routes to the inside networks.
I need to have GRE traffic to get into the VPN. So, to achieve it, I've got the networks where the GRE traffic to come from in my no-nat access-list and for the ACL for VPN, I've got something like "access-list 4VPN permit ip any any.
It looks the GRE traffic does not get through.
Questions,
- GRE traffic, it has an IP header? is this a tcp data flow? or what?
- Can PIX manage to VPN GRE TRAFFIC or I need to specify permit gre any any in my ACL? Is GRE part of the generic "IP" statement in a PIX ACL for VPN?
Thank you very much,
Dima