Solved

Cisco Access List, VPN, Microsoft VPN Server

Posted on 2004-10-18
3
466 Views
Last Modified: 2012-06-21
Currently have a 837H ADSL Router with an access-list configured as following

access-list 100 permit tcp any host 202.72.156.58 established
access-list 100 deny ip 222.101.168.0 0.0.0.255 any
access-list 100 deny ip 10.0.0.0 0.255.255.255 any
access-list 100 deny ip 172.16.0.0 0.15.255.255 any
access-list 100 deny ip 192.168.0.0 0.0.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 deny ip 224.0.0.0 0.255.255.255 any
access-list 100 deny ip 255.0.0.0 0.255.255.255 any
access-list 100 deny ip host 0.0.0.0 any
access-list 100 permit udp any host 202.72.156.58 eq domain
access-list 100 permit tcp host 139.130.4.5 host 202.72.156.58 eq domain
access-list 100 permit udp host 202.72.191.199 eq domain 202.72.156.56 0.0.0.7
access-list 100 permit udp host 202.72.191.199 eq domain host 202.72.146.169
access-list 100 permit udp host 203.10.1.9 eq domain 202.72.156.56 0.0.0.7
access-list 100 permit udp host 203.10.1.9 eq domain host 202.72.146.169
access-list 100 permit tcp any host 202.72.156.58 eq smtp
access-list 100 permit tcp any host 202.72.156.58 eq pop3
access-list 100 permit tcp any host 202.72.156.58 eq www
access-list 100 permit tcp any host 202.72.156.58 eq 4056
access-list 100 permit gre any host 202.72.156.58
access-list 100 permit tcp any host 202.72.156.58 eq 1725
access-list 100 permit icmp any host 202.72.156.58 echo-reply
access-list 100 permit icmp any host 202.72.146.169 echo-reply
access-list 100 deny   ip any host 202.72.156.58
access-list 100 deny   ip any host 202.72.146.169
access-list 100 permit ip any any

OK so every thing works fine, it is applied to the incomming DIALER 1 interface, and i get alot of hits on every access-list line expect tcp 1725 and grep and i down know why??

is there something wrong with the list???
0
Comment
Question by:markgrinceri
  • 2
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 12338038
Perhaps because you need TCP Port 1723 vs 1725
0
 
LVL 2

Author Comment

by:markgrinceri
ID: 12338597
sorry big mistake on my behalf, i should of double checked that
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12338666
Sometimes we look at our own work so many times it just takes another pair of eyes to see ..

Glad to help!

0

Featured Post

Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question