02-21-2009 08:18 AM
We have implemeted Netscreen firewall between 2 cisco routers, and both cisco routers have connected via GRE tunnel , Netscreen firewall passes the GRE traffic, for this we have cretaed a policy which allow GRE traffic between these 2 cisco devices.
we are facing problem when users come after 2 days to start work they are not able to connect for this we have to first disable the policy which passes the traffic then we need to enable the policy which passes the GRE traffic...
i am surprising wy this is happening, if any have face this issue please let me know. hot to resolve this issue...
02-21-2009 11:55 AM
-What screen OS u r using?
-What is exactly ur policy?
-Try to make any any permit policy to diagnose the problem
02-21-2009 11:58 AM
kindly elaborately tell us the scenerio, that will help to figure out whats causing this problem.
the Zones which you have made, are they the defined zones ? is there any routing protocol running in your scenerio ?
02-22-2009 06:03 AM
We are using ISG-2000 with ScreenOS 6.0,I am enclosing a basic diagram of our topology.. We have creted a Policy between these zones which Permit GRE traffic.all work fine during working days. problem comes lets say when users comes after weekend on monday. they not able to connect to intnded servers. we have to manually disable the particular policy then enable that particular policy to work it again.