Solved

Cisco Access List, VPN, Microsoft VPN Server

Posted on 2004-10-18
3
467 Views
Last Modified: 2012-06-21
Currently have a 837H ADSL Router with an access-list configured as following

access-list 100 permit tcp any host 202.72.156.58 established
access-list 100 deny ip 222.101.168.0 0.0.0.255 any
access-list 100 deny ip 10.0.0.0 0.255.255.255 any
access-list 100 deny ip 172.16.0.0 0.15.255.255 any
access-list 100 deny ip 192.168.0.0 0.0.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 deny ip 224.0.0.0 0.255.255.255 any
access-list 100 deny ip 255.0.0.0 0.255.255.255 any
access-list 100 deny ip host 0.0.0.0 any
access-list 100 permit udp any host 202.72.156.58 eq domain
access-list 100 permit tcp host 139.130.4.5 host 202.72.156.58 eq domain
access-list 100 permit udp host 202.72.191.199 eq domain 202.72.156.56 0.0.0.7
access-list 100 permit udp host 202.72.191.199 eq domain host 202.72.146.169
access-list 100 permit udp host 203.10.1.9 eq domain 202.72.156.56 0.0.0.7
access-list 100 permit udp host 203.10.1.9 eq domain host 202.72.146.169
access-list 100 permit tcp any host 202.72.156.58 eq smtp
access-list 100 permit tcp any host 202.72.156.58 eq pop3
access-list 100 permit tcp any host 202.72.156.58 eq www
access-list 100 permit tcp any host 202.72.156.58 eq 4056
access-list 100 permit gre any host 202.72.156.58
access-list 100 permit tcp any host 202.72.156.58 eq 1725
access-list 100 permit icmp any host 202.72.156.58 echo-reply
access-list 100 permit icmp any host 202.72.146.169 echo-reply
access-list 100 deny   ip any host 202.72.156.58
access-list 100 deny   ip any host 202.72.146.169
access-list 100 permit ip any any

OK so every thing works fine, it is applied to the incomming DIALER 1 interface, and i get alot of hits on every access-list line expect tcp 1725 and grep and i down know why??

is there something wrong with the list???
0
Comment
Question by:markgrinceri
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 12338038
Perhaps because you need TCP Port 1723 vs 1725
0
 
LVL 2

Author Comment

by:markgrinceri
ID: 12338597
sorry big mistake on my behalf, i should of double checked that
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12338666
Sometimes we look at our own work so many times it just takes another pair of eyes to see ..

Glad to help!

0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

While it is possible to put two routes in place with the secondary having a higher metric, this may not always work. In the event of a failure that does not bring down the physical interface on the router the primary route is not removed. There is a…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question