pass gre traffic to rras

Status
Not open for further replies.

mst3k

IS-IT--Management
Apr 29, 2002
41
US

Hi there- I have a pix 501 - trying to set up a quick and dirty vpn that just passes all pptp traffic to a win2k rras server. I've got one outside ip address, so part of the solution would be:

static (inside,outside) tcp interface 1723 10.0.1.9 1723
access-list 100 permit tcp any host xx.xx.xx.xx eq 1723
access-group 100 in interface outside

What is the static and access list command to pass GRE traffic? And do I need to enter or take away any of the fixup protocol entries?

Thanks much!!

 
Normally, you would only need to add the following command:

access-list 100 permit gre any host x.x.x.x

However, since you are using port redirection, you won't be able to pass GRE traffic in this fashion. GRE is a different protocol type than TCP and UDP. Port redirection only supports TCP and UDP traffic. You will need to get a dedicated IP address to statically map for the inside server to allow GRE tunnels.

You should look to terminate tunnels to the PIX firewall as an alternative solution.
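
The dedicated-address setup described in the reply above, written out as an added example that is not part of the original posts. It assumes a second outside address is available; 203.0.113.10 is a constructed placeholder for it, and 10.0.1.9 is the RRAS server from the question.

```cisco
: Constructed example, not from the thread.
: 203.0.113.10 = placeholder for a dedicated outside address (assumption).
: 10.0.1.9     = inside RRAS server, as given in the question.

: One-to-one static translation. Unlike the port-redirection form
: "static (inside,outside) tcp interface 1723 10.0.1.9 1723", this maps the
: whole address, so IP protocols without port numbers (such as GRE) are
: translated as well.
static (inside,outside) 203.0.113.10 10.0.1.9 netmask 255.255.255.255

: PPTP control channel (TCP 1723) and PPTP data channel (GRE, IP protocol 47).
: Both entries are scoped to the translated address of the RRAS server only,
: so no other inside host becomes reachable through this list.
access-list 100 permit tcp any host 203.0.113.10 eq 1723
access-list 100 permit gre any host 203.0.113.10

: Bind the list to inbound traffic on the outside interface.
access-group 100 in interface outside
```

With this in place, the port-redirection static on the interface address is no longer needed for PPTP and can be removed so that TCP 1723 is exposed on one address only.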
 