Cisco 800 VPN
Pete Davis
pete at ETHER.NET
Thu Jan 20 22:48:29 EST 2000
Stephen,
Are you performing network address translation or is the NT server on public
address space?
Either way, you will need to make sure that your inbound access-list is set to
permit:
PPTP - GRE (Protocol 47), and PPTP Controls, which is TCP destination port 1723.
IPSEC - ESP (Protocol 50), and IKE, which is UDP Port 500
If your VPN server is on private address space, you will need a public IP
address in order to do an address mapping for a singular external IP address
to the internal IP address.
I am not sure off the top of my head which version of IOS first added support
for GRE/ESP protocols for access-lists, you may want to check out cco.cisco.com.
Regards,
-pete
On Wed, Jan 19, 2000 at 12:04:35PM +1100, Stephen Morison wrote:
> Hi,
> I'm having troubles getting a Cisco 800 router to open up a port to accept
> VPN access below is a diagram of what I'm trying to achieve
>
>
> Client (win9x / win2k) --> Internet -->CISCO 800 --> NT Server (VPN Server)
>
>
> Please advise what would be the best way to achieve this
>
> Stephen
>
> VPN is sponsored by SecurityFocus.COM
---
Pete Davis - Product Manager <pete at ether.net> (508) 541-7300 x154
Altiga Networks - 124 Grove Street Suite 205 Franklin, MA 02038
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list