Yes IP will permit it. Using GRE will make sure that you only restrict this to
GRE vs other IP related protocols such as UDP or TCP ports which your first
ACL allows through.
You can always test! ex: create ACL and watch your counters:
permit ip host x host y log
permit gre host x host x log
permit ip any any
reverse it to validate...
permit gre host x host x log
permit ip host x host y log
permit ip any any log
-J
> From: Jitendra.Anbu_at_optus.com.au
> To: ccielab_at_groupstudy.com
> Date: Mon, 1 Mar 2010 13:49:11 +1100
> Subject: Extended ACL to permit GRE traffic..
>
> Hi All,
>
> If you create a Extended ACL as;
>
> ip access-list extended TUNNEL
> permit ip host 203.208.174.93 host 85.115.65.7
>
> Would this permit GRE traffic - for example?
>
> OR
>
> do I need this to permit GRE;
>
> ip access-list extended TUNNEL
> permit gre host 203.208.174.93 host 85.115.65.7
>
> Thank you.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
Received on Mon Mar 01 2010 - 03:16:19 ART
This archive was generated by hypermail 2.2.0 : Thu Apr 01 2010 - 07:26:34 ART