1. Home
  2. Cisco Systems
  3. PIX 506E PDM 3.0(1) PIX 6.3(3) NAT/PAT (Part 2)

PIX 506E PDM 3.0(1) PIX 6.3(3) NAT/PAT (Part 2)

Hello,

I have finally the Cisco up and running, though i have one problem. I have an VPN server behind the PIX. I was able to add a translation rule for TCP port 1723, but not for GRE... Anyone an idea how to do so...?

Sincerely, Michiel

Situation : I have as a modem the Zyxel Prestige 660HW wich is used as modem, but it will NAT the public ip.

Zyxel WAN : Internet (public ip natted, DMZ is 192.168.168.2) LAN : 192.168.168.1 mask 255.255.255.252

Cisco WAN : 192.168.168.2 mask 255.255.255.252 LAN : 192.168.68.8 mask 255.255.255.0

Reply to
Michiel
Loading thread data ...

You will have to make a one to one NAT translation between the VPN server and the external IP

static(inside,outside)

Then create the ACL

access list 10 permit GRE any

Apply the ACL to interface

formatting link

Reply to
Chad Mahoney

Hello Chad,

I have done the following, i not added the thing you said, i looked at the Cisco link you gave me. And i have added the following rule "fixup protocol pptp 1723-1723" that made it working, though i already had added those rules to accept incomming traffic.

Thanks for the link!

Sincerely, Michiel

Reply to
Michiel

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.