<div>
Oh ya, forgot the 'eq'.<br />
<br />
Makes sense on the 0 0.<br />
So really, I don't have to put it at the end of the config, but probably a good idea?<br />
<br />
Thanks.
</div>


<div>
Hey<br />
<br />
You don't have to put it there - the PIX does it for you by default - so there is no need.<br />
You will seldom change these settings - I have never had to before - <br />
<br />
cheers<br />

</div>


<div>
<div class="content wysiwyg-content">
I need to make sure the following config is correct, for a incoming PPTP connection, through a ASA 5510.<br />
<br />
here is what I have:<br />
<br />
access-list OutIn permit gre &lt;object-group&gt; &lt;object-name&gt; host &lt;public IP address&gt;<br />
access-list OutIn permit tcp &lt;object-group&gt; &lt;object-name&gt; host &lt;public IP address&gt; 1723<br />
static (inside,outside) &lt;public IP address&gt; &lt;internal IP of auth server&gt; netmask 255.255.255.255 0 0<br />
access-group OutIn in interface outside<br />
<br />
Now, I had seen this document from cisco:<br />
<br />
<a href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094a5a.shtml#pptpwith" rel="ugc">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094a5a.shtml#pptpwith</a><br />
<br />
What confused me is this line:<br />
<br />
static (inside,outside) 209.165.201.5 10.48.66.106 netmask 255.255.255.255 0 0<br />
<br />
The two '0' at the end. I am not sure what they are. I assume they are needed?<br />
At any point, do I need to specify IP 47? Or should the above take care of it?<br />
<br />
Thanks.
</div>
</div>


I need to make sure the following config is correct, for a incoming PPTP connection, through a ASA 5510.

here is what I have:

access-list OutIn permit gre <object-group> <object-name> host <public IP address>
access-list OutIn permit tcp <object-group> <object-name> host <public IP address> 1723
static (inside,outside) <public IP address> <internal IP of auth server> netmask 255.255.255.255 0 0
access-group OutIn in interface outside

Now, I had seen this document from cisco:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094a5a.shtml#pptpwith

What confused me is this line:

static (inside,outside) 209.165.201.5 10.48.66.106 netmask 255.255.255.255 0 0

The two '0' at the end. I am not sure what they are. I assume they are needed?
At any point, do I need to specify IP 47? Or should the above take care of it?

Thanks.

Confirming PPTP configuration on ASA 5510

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Software Firewalls

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.