Hi
I have a PIX 506e and I am trying to enable a VPN via IA2004. It works if my access lists are:
access-list vpn01 permit tcp any host x.x.x.x eq 1723
access-list vpn01 permit tcp any host x.x.x.x eq 47
access-list vpn01 permit tcp any host x.x.x.x
Now if I remove the last line it fails. Obviously I do not want to leave the last line in because it allows any port to flow in (or so I understand.)
I also read somewhere that gre is not tcp, but should be ip. However if I try
access-list vpn01 permit ip any host x.x.x.x eq 47
then the editor does not recognisde the command.
Any ideas please?
Thanks Lewel
I have a PIX 506e and I am trying to enable a VPN via IA2004. It works if my access lists are:
access-list vpn01 permit tcp any host x.x.x.x eq 1723
access-list vpn01 permit tcp any host x.x.x.x eq 47
access-list vpn01 permit tcp any host x.x.x.x
Now if I remove the last line it fails. Obviously I do not want to leave the last line in because it allows any port to flow in (or so I understand.)
I also read somewhere that gre is not tcp, but should be ip. However if I try
access-list vpn01 permit ip any host x.x.x.x eq 47
then the editor does not recognisde the command.
Any ideas please?
Thanks Lewel