Solved

Cisco VPN's

Posted on 2011-03-21
1
443 Views
Last Modified: 2012-06-27
I have a cisco 2801 router with the security pack on it. I have VPN set up so the my outside users can VPN into our office. The problem I'm having is that I have a consultant who is trying to VPN into his office while on our network. He is running a Cisco Concentrator on his end. The VPN can't make a connection. It works fine from outside our network just not inside my network. Here is the ACL's I I have set up for the Wan Interface. What am I missing.
 
    10 permit icmp any host xxx.xxx.xx.xx unreachable
    20 permit icmp any host xxx.xxx.xx.xx echo
    30 permit icmp any host xxx.xxx.xx.xx echo-reply
    40 permit icmp any host xxx.xxx.xx.xx packet-too-big
    50 permit icmp any host xxx.xxx.xx.xx time-exceeded
    60 permit icmp any host xxx.xxx.xx.xx traceroute
    70 permit icmp any host xxx.xxx.xx.xx administratively-prohibited
    80 permit tcp any host xxx.xxx.xx.xx eq 22
    90 permit tcp any host xxx.xxx.xx.xx eq domain
    100 permit tcp any host xxx.xxx.xx.xx eq 443
    110 permit tcp any host xxx.xxx.xx.xx eq 4080
    120 permit tcp any host xxx.xxx.xx.xx eq 5223
    130 permit udp any host xxx.xxx.xx.xx range 16399 16472
    140 permit udp any host xxx.xxx.xx.xx eq 80
    150 permit esp any any
    160 permit udp any eq ntp any
    170 permit udp any any eq isakmp
    180 permit udp any any eq non500-isakmp
Thanks

0
Comment
Question by:Scott_Smith24
1 Comment
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 35185004
He may need TCP/10000 open
 175 permit tcp any any eq 10000
Or an established permit
 15 permit tcp any any established

Do you have firewall inspection applied?
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question