Donachie,
You are correct. fixup will dynamically open and close ports as needed for certain protocols such as ftp by inspecting a portion of the packet payload. When one host renogitates a port during a handshake, fixup will adjust. To my knowledge, there is no fixup for rpc. Good luck on...
If you have available host addresses left on the 100.0 network, try assigning a subset of that range in your vpnpool1 eg 192.168.100.200 - 192.168.100.250 then change your nonat access-list to
access-list nonat permit ip 192.168.100.0 255.255.255.0 192.168.100.0 255.255.255.0
If you are tyring to connect to a MS server using pptp (gre) through the PIX, the following commands work.
access-list acl-outside permit tcp any host 209.1.1.1 eq pptp
access-list acl-outside permit gre any host 209.1.1.1
access-group acl-outside in interface outside
static...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.