[VPN] l2tp through Cisco Pix with single Interface Address

Keith Pachulski keithp at corp.ptd.net
Fri May 16 14:47:52 EDT 2003


L2TP uses 1701/udp, not 500/udp or AH, ESP. In the ACL, permit the internal host to access the remote system over the specific UDP port.

-----Original Message-----
From: John Clark [mailto:JohnC at hcarr.com]
Sent: Friday, May 16, 2003 1:16 PM
To: vpn at lists.shmoo.com
Subject: [VPN] l2tp through Cisco Pix with single Interface Address


Hi, I am trying to allow an internal user to use an L2TP client
through the Pix firewall with a single IP address on the external
interface.  I see the ACLs that I need to use, but will it allow me to
do what is needed without utilizing the static command?  If I do, do I need
to do it just for UDP 500 or also for IP 50 and 51?

Thanks.

John
_______________________________________________
VPN mailing list
VPN at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn


