10-24-2010 11:19 PM - edited 03-11-2019 11:59 AM
I have been searching forums all over and spent much time looking for an answer to what is happening here. I have been trying to open up access to our internal server 2k3 vpn server and allow access to our RDP server and I can't seem to get any of the ports to open. In ADSM everything seems to be setup to work but still nothing is working. I am unanle to get outside connections to come in even with my ACL list setup and the group applied tot he outside connection. Here is my config file, and help would be greatly appreciated:
Solved! Go to Solution.
10-24-2010 11:24 PM
access-list 110 extended permit tcp any host 192.168.254.252 eq 3389
needs to be
access-list 110 extended permit tcp any interface outside eq 3389
10-24-2010 11:24 PM
access-list 110 extended permit tcp any host 192.168.254.252 eq 3389
needs to be
access-list 110 extended permit tcp any interface outside eq 3389
10-24-2010 11:34 PM
Thank you so much. I was able to get the RDP working but I am still having trouble with the PPTP pass through. I hav
e also made the changes to reflect what I changed for RDP and was able to connect to the server but not verify username and password? Could this be a problem with GRE? Even though I have it set just as the RDP and PPTP rule? Once again thanks for the lightning fast response.
10-24-2010 11:40 PM
Hmm you might be able to add the "inspect pptp" to help out here.
pixfirewall(config)#policy-map global_policy
pixfirewall(config-pmap)#class inspection_default
pixfirewall(config-pmap-c)#inspect pptp
10-25-2010 12:10 AM
This is what I ahve now. Still having the same error. Getting stuck on verifying username and password.
class-map inspection_default
!
!
policy-map global_policy
class inspection_default
inspect pptp
!
prompt hostname context
Andrew
10-25-2010 07:00 AM
Ahh it looks like you are missing a bit more of the default configuration than I realized. Here is the full config, that snippet before was to add to an already established policy-map.
class-map inspection_default
match default-inspection-traffic
policy-map global_policy
class inspection_default
inspect pptp
service-policy global_policy global
Right now, how you have it, the inspection isn't being applied. The config above applies the inspection.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide