?
Solved

Cisco Access List, VPN, Microsoft VPN Server

Posted on 2004-10-18
3
Medium Priority
?
473 Views
Last Modified: 2012-06-21
Currently have a 837H ADSL Router with an access-list configured as following

access-list 100 permit tcp any host 202.72.156.58 established
access-list 100 deny ip 222.101.168.0 0.0.0.255 any
access-list 100 deny ip 10.0.0.0 0.255.255.255 any
access-list 100 deny ip 172.16.0.0 0.15.255.255 any
access-list 100 deny ip 192.168.0.0 0.0.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 deny ip 224.0.0.0 0.255.255.255 any
access-list 100 deny ip 255.0.0.0 0.255.255.255 any
access-list 100 deny ip host 0.0.0.0 any
access-list 100 permit udp any host 202.72.156.58 eq domain
access-list 100 permit tcp host 139.130.4.5 host 202.72.156.58 eq domain
access-list 100 permit udp host 202.72.191.199 eq domain 202.72.156.56 0.0.0.7
access-list 100 permit udp host 202.72.191.199 eq domain host 202.72.146.169
access-list 100 permit udp host 203.10.1.9 eq domain 202.72.156.56 0.0.0.7
access-list 100 permit udp host 203.10.1.9 eq domain host 202.72.146.169
access-list 100 permit tcp any host 202.72.156.58 eq smtp
access-list 100 permit tcp any host 202.72.156.58 eq pop3
access-list 100 permit tcp any host 202.72.156.58 eq www
access-list 100 permit tcp any host 202.72.156.58 eq 4056
access-list 100 permit gre any host 202.72.156.58
access-list 100 permit tcp any host 202.72.156.58 eq 1725
access-list 100 permit icmp any host 202.72.156.58 echo-reply
access-list 100 permit icmp any host 202.72.146.169 echo-reply
access-list 100 deny   ip any host 202.72.156.58
access-list 100 deny   ip any host 202.72.146.169
access-list 100 permit ip any any

OK so every thing works fine, it is applied to the incomming DIALER 1 interface, and i get alot of hits on every access-list line expect tcp 1725 and grep and i down know why??

is there something wrong with the list???
0
Comment
Question by:markgrinceri
  • 2
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 12338038
Perhaps because you need TCP Port 1723 vs 1725
0
 
LVL 2

Author Comment

by:markgrinceri
ID: 12338597
sorry big mistake on my behalf, i should of double checked that
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12338666
Sometimes we look at our own work so many times it just takes another pair of eyes to see ..

Glad to help!

0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question