No... if all you want is GRE thats all you need. Its like on an ACL on a router if you want to allow OSPF89/EIGRP90 or whatever you dont need to necessarily allow TCP6 etc either.
Cheers, Matt 2008/6/1 Thotsapol Luengwattanaphong <[EMAIL PROTECTED]>: > Matt, > Do we have to allow both protocols? If I want to let GRE packets > passthrough the ASA > > Thanks > Thot > >> Date: Sun, 1 Jun 2008 18:11:51 +0930 >> From: [EMAIL PROTECTED] >> To: [email protected] >> CC: [EMAIL PROTECTED] >> Subject: Re: [OSL | CCIE_RS] Access-List on ASA >> >> GRE is IP Protocol number 47. >> TCP is 6 >> etc etc >> >> Cheers, >> Matt >> >> 2008/6/1 Thotsapol Luengwattanaphong <[EMAIL PROTECTED]>: >> > Seems GRE has its own protocal number. So you have to allow GRE as well >> > as >> > IP just in case. >> > Mavin,please correct me if I'm wrong >> > >> > Thot >> > >> > >> > ________________________________ >> > From: [EMAIL PROTECTED] >> > To: [email protected]; [EMAIL PROTECTED] >> > Date: Sat, 31 May 2008 16:36:42 -0400 >> > Subject: Re: [OSL | CCIE_RS] Access-List on ASA >> > >> > IP is a superset, which includes TCP, UDP, GRE, and other protocols. >> > >> > >> > >> > IP can be used for either ASA or IOS ACLs. >> > >> > >> > >> > Marvin Greenlee, CCIE #12237 (R&S, SP, Sec) >> > Senior Technical Instructor - IPexpert, Inc. >> > Telephone: +1.810.326.1444 >> > Fax: +1.810.454.0130 >> > >> > Mailto: [EMAIL PROTECTED] >> > >> > >> > >> > Join our free online support and peer group communities: >> > http://www.IPexpert.com/communities >> > >> > >> > >> > IPexpert - The Global Leader in Self-Study, Classroom-Based, Video On >> > Demand >> > and Audio Certification Training Tools for the Cisco CCIE R&S Lab, CCIE >> > Security Lab, CCIE Service Provider Lab, CCIE Voice Lab and CCIE Storage >> > Lab >> > Certifications. >> > >> > ________________________________ >> > >> > From: [EMAIL PROTECTED] >> > [mailto:[EMAIL PROTECTED] On Behalf Of ZEESHAN >> > SANAULLAH >> > Sent: Saturday, May 31, 2008 4:10 PM >> > To: [email protected]; [EMAIL PROTECTED] >> > Subject: [OSL | CCIE_RS] Access-List on ASA >> > >> > >> > >> > Dear All , >> > >> > >> > When using acls on ASA , when we use protocol IP ... does this also >> > include >> > TCP or UDP ... or we have to use TCP acls or UDP acls.. >> > >> > >> > for example permit ip host a.b.c.d host x.y.w.z >> > >> > does this also include tcp and udp >> > >> > or we have to use all there protocols to allow full access >> > >> > >> > and what IOS Acls >> > >> > thanx >> > >> > >> > >> > ________________________________ >> > >> > Change the world with e-mail. Join the i'm Initiative from Microsoft. >> > >> > ________________________________ >> > Give to a good cause with every e-mail. Join the i'm Initiative from >> > Microsoft. > > > ________________________________ > Keep your kids safer online with Windows Live Family Safety. Help protect > your kids.
