Cisco ASA with Riverbed WAN Optimizer

Installed in an ipsec lan 2 lan tunnel environment:

Riverbed uses Type 76 which falls in the Unassigned Type range 28-252.

Some firewall configurations will strip TCP options or else drop packets with these options. (For example, Cisco PIX Firewall IOS 7.0 may block the auto-discovery probe.)

access-list riverbed_tcp extended permit tcp any any
class-map tcp-traffic
 match access-list riverbed_tcp

tcp-map allow-probes
tcp-options range 76 78 allow
policy-map global_policy
class tcp-traffic
set connection advanced-options allow-probes

service-policy global_policy global

richweb's blog
Add new comment

Main menu

Secondary menu

Cisco ASA with Riverbed WAN Optimizer

Over 17 Years Experience

Richmond

Go Social!

Email