[c-nsp] block TCP/UDP ports in GRE tunnel

Vikas Sharma vikassharmas at gmail.com
Mon Feb 19 09:05:25 EST 2007


Hi Oli,

My IOS version is


ROM: System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1)
BOOTLDR: s72033_rp Software (s72033_rp-PK9SV-M), Version 12.2(17d)SXB1, RELEASE SOFTWARE (fc2)

It does not support commands to pass the fragmented packets. Which IOS
should I use?

Regards
Vikas Sharma



On 2/19/07, Oliver Boehmer (oboehmer) <oboehmer at cisco.com> wrote:
>
> Vikas Sharma <mailto:vikassharmas at gmail.com> wrote on Monday, February
> 19, 2007 8:02 AM:
>
> > Hi,
> >
> > Here the only problem is any packet with MTU size more than interface
> > MTU will be dropped because of fragmentation. By default ACL does not
> > allow fragmented packets.
>
> Take a look at http://www.cisco.com/warp/public/105/acl_wp.html to see
> how ACLs deal with fragmented packets. Maybe you can find a way to
> achieve your goal; this depends heavily on what your ACL looks like.
>
>        oli
>
>
>
> >
> > On 2/18/07, Oliver Boehmer (oboehmer) <oboehmer at cisco.com> wrote:
> >
> >       Vikas Sharma <> wrote on Sunday, February 18, 2007 4:14 PM:
> >
> >       > Hi,
> >       >
> >       > I have a query, is it possible to block specific TCP/UDP ports in
> >       > GRE tunnel?
> >
> >       applying an ACL to the tunnel interface doesn't work?
> >
> >              oli
>

