I have a visitor who needs to connect to their VPN from our site. I have a Cisco 1720 12.xIOS with NAT to the internet. I have added this to my access-lists
access-list 101 permit tcp any eq 47 22.214.171.124 0.0.0.7
ccess-list 101 permit tcp any eq 2513 126.96.36.199 0.0.0.7
to open up port 47 (GRE) and 1723(PPTP)
! Default PPTP VPDN group
what am I missing that will not allow this user to get to his VPN?
He gets an error 721.
GRE is ip protocol 47, it is not a tcp or udp port number. PPTP is tcp port 1723.
I think the access-list should be:
access-list 101 permit gre any x.x.206.32 0.0.0.7
access-list 101 permit tcp any eq 1723 x.x.206.32 0.0.0.7
p.s. please remember to remove/mask public ip addresses and any other sensitive info.
I'll give it a try.
THANK YOU !!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: