Sometime in not so distant IOS past, it used to be that "permit ip"
actually did not automatically permit GRE. I think it was around 11.x
code. I guess this just might show the age of the one who configured
it ... :-)
-- Marko Milivojevic - CCIE #18427 Senior Technical Instructor - IPexpert FREE CCIE training: http://bit.ly/vLecture Mailto: markom_at_ipexpert.com Telephone: +1.810.326.1444 Web: http://www.ipexpert.com/ On Thu, Dec 23, 2010 at 05:10, Joseph L. Brunner <joe_at_affirmedsystems.com> wrote: > I'll start; > > Saw this today in a firewall: > > access-list outside_allowed_in permit ip host 209.214.205.10 host > 38.104.11.13 > access-list outside_allowed_in permit gre host 209.214.205.10 host > 38.104.11.13 > access-list outside_allowed_in permit icmp host 209.214.205.10 host > 38.104.11.13 > > . > . > . > > access-group outside_allowed_in in interface outside > > > > LOL > > > Blogs and organic groups at http://www.ccie.net > > _______________________________________________________________________ > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html Blogs and organic groups at http://www.ccie.netReceived on Thu Dec 23 2010 - 05:57:17 ART
This archive was generated by hypermail 2.2.0 : Sat Jan 01 2011 - 09:37:49 ART