[c-nsp] access list question with PPTP

Joseph Jackson JJackson at nos.com
Mon May 16 12:22:49 EDT 2005


All,

 

            On setting up a remote site the local network engineer has
created an this config. We are unable to pptp to the RAS server.  A couple
of questions what do the 0.0.0.10 do?  That's not a valid inverse netmask
that I know of,  I told him to remove the all the access-lists 7 and just do
access-list 7 permit ip any any  yet we are still unable to connect to the
network.  Any help would be great.

 

 

 

!
interface FastEthernet0/0
 description LAN
 bandwidth 100000
 ip address 172.17.4.1 255.255.0.0
 no ip directed-broadcast
 ip nat inside
 no ip route-cache
 no ip mroute-cache
 speed auto
 full-duplex
!
interface Serial0/0
 description Interface internet link
 bandwidth 2048
 ip address xxx.xxx.xxx.xxx 255.255.255.240 secondary
 ip address xxx.xxx.xxx.xxx 255.255.255.252
 no ip directed-broadcast
 ip nat outside
 no fair-queue
!
ip nat pool no-overload xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx prefix-length 28
ip nat inside source list 7 pool no-overload
ip nat inside source static tcp 172.17.8.11 1723 xxx.xxx.xxx.xxx 1723
extendable
ip classless
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx
no ip http server
!
access-list 7 permit 172.17.100.0 0.0.0.10
access-list 7 permit 172.17.8.0 0.0.0.10
access-list 7 permit 172.17.20.0 0.0.0.255



More information about the cisco-nsp mailing list