For example (I use Cisco IOS 12.0 as a firewall), I needed to give access to our VPN box (it uses PPTP in my example, but it doesn't matter) that resides in the DMZ, so I needed to get it through the firewall with the following access list (of course your syntax would be different):

    permit gre any any reflect FromHere    (to outside traffic)
    permit gre any host xxx.xxx.xxx.xxx    (to inside VPN box address in DMZ)

-----Original Message-----
> From: Jesus Gonzalez [mailto:[EMAIL PROTECTED]]
> Sent: Monday, March 12, 2001 4:10 PM
> To: [EMAIL PROTECTED]
> Subject: IPSEC and GRE
>
> Hi all,
>
> I have a question that I'm a bit embarrassed to ask.
>
> We have users in our office that need access to a remote network that has a
> Compatible Systems (now Cisco) VPN switch. I was told that in order to allow
> this through our firewall, I had to open up ports TCP 500 and GRE47. My
> question concerns GRE. Is GRE a protocol like TCP/UDP/ICMP? Or is it a subset
> of TCP?
>
> In trying to configure my firewall (Secure Computing) I only see options for
> TCP and UDP ports when trying to map a port.
>
> Also, I believe I read in one of Cisco's tech bulletins that your Cisco
> router must be running a certain version of the IOS in order for this to
> work. WHY???
>
> Can someone please explain to me, in simple terms <grin> what exactly GRE
> is?
>
> Thanks in advance for your help!

---------------------------------------------------------------------
Daniel Mester Portal Technologies Manager
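An added illustration, not part of either message in this thread: the access list above matches `gre` as an IP protocol rather than as a TCP or UDP port, and the Python sketch below shows why by reading the IPv4 protocol byte and, for protocol 47, the GRE header that PPTP uses. The sample packets, addresses and call ID are constructed for the example; the PPTP control port (TCP 1723) and GRE protocol type 0x880B are taken from RFC 2637, not from the thread.

```python
import struct

# IANA IP protocol numbers: the single "protocol" byte in the IPv4 header.
IP_PROTOCOLS = {1: "icmp", 6: "tcp", 17: "udp", 47: "gre"}
PPTP_GRE_TYPE = 0x880B  # enhanced GRE carrying PPP, as used by PPTP (RFC 2637)


def classify(packet: bytes) -> dict:
    """Return the fields a packet filter can match on for one IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4  # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    proto, payload = packet[9], packet[ihl:]
    info = {"protocol": IP_PROTOCOLS.get(proto, str(proto)), "ports": None}
    if proto in (6, 17) and len(payload) >= 4:
        # Only TCP and UDP start with source and destination ports.
        info["ports"] = struct.unpack("!HH", payload[:4])
    elif proto == 47 and len(payload) >= 4:
        # GRE has no ports: flags/version, then the carried protocol type.
        flags_ver, ptype = struct.unpack("!HH", payload[:4])
        info["gre_version"] = flags_ver & 0x0007
        if ptype == PPTP_GRE_TYPE and len(payload) >= 8:
            # PPTP's GRE variant adds payload length and a call ID.
            info["pptp_call_id"] = struct.unpack("!HH", payload[4:8])[1]
    return info


def ipv4(proto: int, payload: bytes) -> bytes:
    """Build a constructed 20-byte IPv4 header (checksum left at zero)."""
    src, dst = bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20])
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                       0, 0, 64, proto, 0, src, dst) + payload


# Constructed samples: PPTP control (TCP 1723) and PPTP data (GRE, call ID 7).
PPTP_CONTROL = ipv4(6, struct.pack("!HH", 1025, 1723) + bytes(16))
PPTP_DATA = ipv4(47, struct.pack("!HHHH", 0x2001, PPTP_GRE_TYPE, 0, 7))

if __name__ == "__main__":
    for name, pkt in (("control", PPTP_CONTROL), ("data", PPTP_DATA)):
        print(name, classify(pkt))
```

The GRE packet comes back with `ports` set to `None`, which is why a rule editor that only offers TCP and UDP port mappings has nowhere to express it.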
