Jesus,
#Is GRE a protocol like TCP/UDP/ICMP? Or is it a subset of
#TCP?
GRE is a protocol that runs on top of IP instead of on top of TCP or UDP.
#In trying to configure my firewall (secure computing) I only see options
for
#TCP and UDP ports when trying to map a port.
First of all I am going to assume you are running Sidewinder instead of
Secure Zone since Secure Zone is no longer being sold by Secure Computing.
The reason you cannot create a generic proxy on the Sidewinder for this is
because you can only create generic TCP or UDP proxies. You will have to
create and IP Filter for GRE. If you are running Sidewinder V5.1 do the
following to create an IP filter.
1. Go to Policy Configuration -> IP Filter Rules. This is the main menu
for IP Filter configurations.
2. Select the Other Filter Rules tab.
3. Select 'new.'
4. Fill in the source addess for Address A. Fill in 32 for Bits A. If
Address A is a network instead of one IP address then you would fill in
something other than 32. Select the correct burb for Burb A.
5. Select the Address B tab. Fill in the source addess for Address B.
Fill in 32 for Bits B. Select the correct burb for Burb B.
6. Select the Properties tab. Since protocol 47 is the GRE protocol,
select GRE in the Protocol field. Put in 50000 for the threshold. the
direction should be A -> B.
Note: GRE will probably not be in your list of protocols. The list in the
drop down menu is created from the /etc/protocols file. If you put the
following line in the /etc/protocols file you will be able to select gre.
gre 47 GRE # GRE
7. Select <OK> and then <Apply>.
Something similar should work for Secure Zone too but since I do not have a
Secure Zone I cannot give you detailed instructions on how to do it. You
can always send an e-mail to support@securecomputing, though.
Regards,
Jeffery Gieser
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
