RE: Extended ACL to permit GRE traffic..

Great example - thanks.

Jit
________________________________
From: ccie study [cciestudy_at_hotmail.com]
Sent: Monday, 1 March 2010 2:16 PM
To: Jitendra Anbu; ccielab_at_groupstudy.com
Subject: RE: Extended ACL to permit GRE traffic..

Yes IP will permit it. Using GRE will make sure that you only restrict this to
GRE vs other IP related protocols such as UDP or TCP ports which your first
ACL allows through.

You can always test! ex: create ACL and watch your counters:

permit ip host x host y log
permit gre host x host x log
permit ip any any

reverse it to validate...

permit gre host x host x log
permit ip host x host y log
permit ip any any log

-J

> From: Jitendra.Anbu_at_optus.com.au
> To: ccielab_at_groupstudy.com
> Date: Mon, 1 Mar 2010 13:49:11 +1100
> Subject: Extended ACL to permit GRE traffic..
>
> Hi All,
>
> If you create a Extended ACL as;
>
> ip access-list extended TUNNEL
> permit ip host 203.208.174.93 host 85.115.65.7
>
> Would this permit GRE traffic - for example?
>
> OR
>
> do I need this to permit GRE;
>
> ip access-list extended TUNNEL
> permit gre host 203.208.174.93 host 85.115.65.7
>
> Thank you.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>

________________________________
Hotmail: Free, trusted and rich email service. Get it
now.<http://clk.atdmt.com/GBL/go/201469228/direct/01/>

Blogs and organic groups at http://www.ccie.net
Received on Mon Mar 01 2010 - 19:15:49 ART