JGWohlford
IS-IT--Management
Is there any way to use PAT on a single public static IP and still allow incoming PPTP to an NT VPN server behind the PIX 506E? Client's scenario:
NT VPN Server 10.0.0.1 Private LAN 10.0.0.128-10.0.0.255
\ /
Cisco PIX 506E inside interface 10.0.0.254
|
Cisco PIX 506E outside interface xxx.xxx.xxx.53
|
Static IP xxx.xxx.xxx.53 (DSL Modem)
|
ISP Default Gateway xxx.xxx.xxx.1
I can get PAT to work or the PPTP to work but not both. I am using the following to implement PPTP:
static (inside,outside) xxx.xxx.xxx.53 10.0.0.1 netmask 255.255.255.255 0 0
access-list pptp-list permit tcp any host xxx.xxx.xxx.53 eq 1723
access-list pptp-list permit gre any host xxx.xxx.xxx.53
access-group pptp-list in interface outside
Thanks!
NT VPN Server 10.0.0.1 Private LAN 10.0.0.128-10.0.0.255
\ /
Cisco PIX 506E inside interface 10.0.0.254
|
Cisco PIX 506E outside interface xxx.xxx.xxx.53
|
Static IP xxx.xxx.xxx.53 (DSL Modem)
|
ISP Default Gateway xxx.xxx.xxx.1
I can get PAT to work or the PPTP to work but not both. I am using the following to implement PPTP:
static (inside,outside) xxx.xxx.xxx.53 10.0.0.1 netmask 255.255.255.255 0 0
access-list pptp-list permit tcp any host xxx.xxx.xxx.53 eq 1723
access-list pptp-list permit gre any host xxx.xxx.xxx.53
access-group pptp-list in interface outside
Thanks!