Solved

Cisco Access List, VPN, Microsoft VPN Server

Posted on 2004-10-18
3
461 Views
Last Modified: 2012-06-21
Currently have a 837H ADSL Router with an access-list configured as following

access-list 100 permit tcp any host 202.72.156.58 established
access-list 100 deny ip 222.101.168.0 0.0.0.255 any
access-list 100 deny ip 10.0.0.0 0.255.255.255 any
access-list 100 deny ip 172.16.0.0 0.15.255.255 any
access-list 100 deny ip 192.168.0.0 0.0.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 deny ip 224.0.0.0 0.255.255.255 any
access-list 100 deny ip 255.0.0.0 0.255.255.255 any
access-list 100 deny ip host 0.0.0.0 any
access-list 100 permit udp any host 202.72.156.58 eq domain
access-list 100 permit tcp host 139.130.4.5 host 202.72.156.58 eq domain
access-list 100 permit udp host 202.72.191.199 eq domain 202.72.156.56 0.0.0.7
access-list 100 permit udp host 202.72.191.199 eq domain host 202.72.146.169
access-list 100 permit udp host 203.10.1.9 eq domain 202.72.156.56 0.0.0.7
access-list 100 permit udp host 203.10.1.9 eq domain host 202.72.146.169
access-list 100 permit tcp any host 202.72.156.58 eq smtp
access-list 100 permit tcp any host 202.72.156.58 eq pop3
access-list 100 permit tcp any host 202.72.156.58 eq www
access-list 100 permit tcp any host 202.72.156.58 eq 4056
access-list 100 permit gre any host 202.72.156.58
access-list 100 permit tcp any host 202.72.156.58 eq 1725
access-list 100 permit icmp any host 202.72.156.58 echo-reply
access-list 100 permit icmp any host 202.72.146.169 echo-reply
access-list 100 deny   ip any host 202.72.156.58
access-list 100 deny   ip any host 202.72.146.169
access-list 100 permit ip any any

OK so every thing works fine, it is applied to the incomming DIALER 1 interface, and i get alot of hits on every access-list line expect tcp 1725 and grep and i down know why??

is there something wrong with the list???
0
Comment
Question by:markgrinceri
  • 2
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
Comment Utility
Perhaps because you need TCP Port 1723 vs 1725
0
 
LVL 2

Author Comment

by:markgrinceri
Comment Utility
sorry big mistake on my behalf, i should of double checked that
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
Sometimes we look at our own work so many times it just takes another pair of eyes to see ..

Glad to help!

0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now