inbound on your public interface should do nicely
Chris Davis
Site Engineer, ComputerJobs.com
Upgrade Your Future
http://www.computerjobs.com
-----Original Message-----
From: Jim Jones, Jr. [mailto:jimjones@oct.net]
Sent: Tuesday, February 12, 2002 11:17 AM
To: cisco-nsp@puck.nether.net
Subject: Re: pptp into a natted network?
I think that will work... but what interface to i apply this to and in what
direction?
Thanks,
Jim Jones, Jr.
Partner
OcuSafe, LLC
www.ocusafe.com
Attractive, Reliable, Affordable Protection.
----- Original Message -----
From: "Chris Davis" <chris.davis@computerjobs.com>
To: "'Jim Jones, Jr.'" <jimjones@oct.net>; <cisco-nsp@puck.nether.net>
Sent: Tuesday, February 12, 2002 8:54 AM
Subject: RE: pptp into a natted network?
: Try typing GRE instead of TCP or UDP in your NAT statements. GRE is its
own
: protocol.
:
: If NAT can't be configured to handle GRE specifically, you should be able
to
: configure NAT to staticly translate the IP, and then access-list the
public
: IP to permit only GRE & TCP 1723.
:
: access-list 111 permit gre any host {destination-host-public-ip}
: access-list 111 premit tcp any host {destination-host-public-ip} eq 1723
: access-list 111 deny ip any host {destination-host-public-ip}
:
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:33 EDT