[c-nsp] Getting a VPN to work through a Cisco firewall
Rick Kunkel
kunkel at w-link.net
Wed Jan 11 20:47:56 EST 2006
On Thu, 12 Jan 2006, Brett Looney wrote:
> At 09:11 12/01/2006, you wrote:
> >That seems strangely backwards. You're not pulling my leg, are you? Is
> >there something to replace this lost feature?
>
> Well, I just found the document I was looking for - not easy to find
> - it has a three line mention in the release notes and then only if
> you know you're looking for "Firewall ACL Bypass" - no mention of a
> change in behaviour to ip inspect until you actuall open the provided
> link - could be easier. </rant>
>
> Anyway:
> http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d33da.html
>
> Thanks to all...
>
> B.
>
Maybe I'm just being dense (or I'm experiencing a different issue
entirely)... but I'm not seeing where this touches on the VPN issue. I
understand that the access-lists are not, strictly speak, "written"
anymore, but shouldn't the VPN still have ip inspect poke the holes in the
ACL, whether or not those holes are readily viewable?
Thanks,
Rick
More information about the cisco-nsp
mailing list