cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
283
Views
0
Helpful
4
Replies

GRE defaulting to a different IP address with a /30

stevem
Level 1
Level 1

When entering the commands to open the proper ports for PPTP VPN (1723 & 47/GRE) through the PDM on my pix 506E the gre defaults to a different IP address with a /30 attached to it. Could this be the reason why I cannot tunnel in from remote sites? If so how do I make the pix accept the proper IP address?

access-list internet permit tcp any host 2x.xxx.84.2 eq smtp

access-list internet permit tcp any host 2x.xxx.84.2 eq 1494

access-list internet permit tcp any host 2x.xxx.84.2 eq 1604

access-list internet permit udp any host 2x.xxx.84.2 eq 1604

access-list internet permit tcp any host 2x.xxx.84.2 eq 1723

access-list internet permit gre any 2x.xxx.84.0 255.255.255.252 <--defaults to

4 Replies 4

gfullage
Cisco Employee
Cisco Employee

What do you mean "the gre defaults to a different IP address with a /30 attached to it"? Exactly what command are you entering? Can you cut/paste your command entry and the resulting configuration of the PIX (just a "sho access-list" will suffice) so we can see what's going on? What version of PIX code is this?

Are you sure you're not missing the "host" keyword in front of the IP address in the ACL (although I still don't see why it would do this)?