[c-nsp] access list question with PPTP
Joseph Jackson
JJackson at nos.com
Mon May 16 12:22:49 EDT 2005
All,
On setting up a remote site the local network engineer has
created an this config. We are unable to pptp to the RAS server. A couple
of questions what do the 0.0.0.10 do? That's not a valid inverse netmask
that I know of, I told him to remove the all the access-lists 7 and just do
access-list 7 permit ip any any yet we are still unable to connect to the
network. Any help would be great.
!
interface FastEthernet0/0
description LAN
bandwidth 100000
ip address 172.17.4.1 255.255.0.0
no ip directed-broadcast
ip nat inside
no ip route-cache
no ip mroute-cache
speed auto
full-duplex
!
interface Serial0/0
description Interface internet link
bandwidth 2048
ip address xxx.xxx.xxx.xxx 255.255.255.240 secondary
ip address xxx.xxx.xxx.xxx 255.255.255.252
no ip directed-broadcast
ip nat outside
no fair-queue
!
ip nat pool no-overload xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx prefix-length 28
ip nat inside source list 7 pool no-overload
ip nat inside source static tcp 172.17.8.11 1723 xxx.xxx.xxx.xxx 1723
extendable
ip classless
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx
no ip http server
!
access-list 7 permit 172.17.100.0 0.0.0.10
access-list 7 permit 172.17.8.0 0.0.0.10
access-list 7 permit 172.17.20.0 0.0.0.255
More information about the cisco-nsp
mailing list