Hello.
I am setting up a Barracuda VPN. Please take a look at the requirements and my config. Is this the best way to handle this task? Thanks
These are the ports on the appliance that need access. It also states the GRE (IP protocol 47) In/Out direction must be allowed for PPTP to function.
I used static NAT configuration to enable this...here is a screen shot of the CCP
However, when I look at my config, I dont see the outside to inside rules...is this because all outgoing traffic is already permitted by ACL 1?
interface GigabitEthernet0/0
description $ETH-WAN$
ip ddns update DYNDNS
ip address dhcp client-id GigabitEthernet0/0
ip nat outside
ip virtual-reassembly
duplex auto speed auto
no cdp enable no mop enabled
!
interface GigabitEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
no cdp enable
!
ip forward-protocol nd
!
ip http server
ip http secure-server
!
ip nat inside
source list 1 interface GigabitEthernet0/0 overload
ip nat inside source static tcp 192.168.1.4 80 interface GigabitEthernet0/0 80
ip nat inside source static tcp 192.168.1.111 4125 interface GigabitEthernet0/0 4125
ip nat inside source static tcp 192.168.1.111 3389 interface GigabitEthernet0/0 3389
ip nat inside source static tcp 192.168.1.111 443 interface GigabitEthernet0/0 443
ip nat inside source static tcp 192.168.1.106 90 interface GigabitEthernet0/0 90
ip nat inside source static tcp 192.168.1.106 3660 interface GigabitEthernet0/0 3660
ip nat inside source static tcp 192.168.1.106 3663 interface GigabitEthernet0/0 3663
ip nat inside source static tcp 192.168.1.106 4665 interface GigabitEthernet0/0 4665
ip nat inside source static tcp 192.168.1.4 22 interface GigabitEthernet0/0 22
ip nat inside source static tcp 192.168.1.4 25 interface GigabitEthernet0/0 25
ip nat inside source static tcp 192.168.1.4 53 interface GigabitEthernet0/0 53
ip nat inside source static udp 192.168.1.4 53 interface GigabitEthernet0/0 53
ip nat inside source static udp 192.168.1.4 123 interface GigabitEthernet0/0 123
ip nat inside source static tcp 192.168.1.4 389 interface GigabitEthernet0/0 389
ip nat inside source static udp 192.168.1.4 500 interface GigabitEthernet0/0 500
ip nat inside source static tcp 192.168.1.4 636 interface GigabitEthernet0/0 636
ip nat inside source static tcp 192.168.1.4 1723 interface GigabitEthernet0/0 1723
ip nat inside source static udp 192.168.1.4 4500 interface GigabitEthernet0/0 4500
!
ip radius source-interface GigabitEthernet0/1
logging trap debugging
logging 192.168.1.113
access-list 1 remark INSIDE_IF=GigabitEthernet0/1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
Thanks for taking a look
Best Regards, Roger