Re: VPN

From: menard (menard_at_stanleyaviation.com)
Date: 07/22/04 

Date: Thu, 22 Jul 2004 08:47:14 -0600

this is what i have on my pix
12.155.152.171 being my external on the pix and 192.168.4.5 being the
external on my dmz inside pix
my internal network is 172.30.x.x

access-list acl_internet permit gre any host 12.155.152.171
access-list acl_internet permit tcp any host 12.155.152.171 eq pptp
access-list acl_internet permit tcp any host 12.155.152.171 eq 4500
access-list acl_internet permit udp any host 12.155.152.171 eq isakmp
access-list acl_internet permit udp any host 12.155.152.171 eq 1701
access-list acl_internet permit tcp any host 12.155.152.171 eq 1701
access-list acl_internet permit udp any host 12.155.152.171 eq 10000
access-list acl_internet permit esp any host 12.155.152.171
access-list acl_internet permit tcp any host 12.155.152.171 eq 1023
access-list acl_internet permit udp any host 12.155.152.171 eq 4500
access-list acl_internet permit udp any eq isakmp host 12.155.152.171
access-list acl_internet permit udp any eq 4500 host 12.155.152.171

static (inside,outside) 12.155.152.171 192.168.4.5 netmask 255.255.255.255
10000 1000

"Admin" <admin@admin.com> wrote in message
news:uDTmeFjbEHA.796@TK2MSFTNGP09.phx.gbl...
> ISA 2000 firewall
>
>
> "Thomas W Shinder [MVP]" <tshinder@hotmail.com> wrote in message
> news:uZtZUehbEHA.2476@TK2MSFTNGP09.phx.gbl...
>> Hi Admin,
>>
>> Is this a ISA 2000 firewall or ISA 2004 firewall?
>>
>> Thanks!
>> --
>> Tom
>> www.isaserver.org/shinder
>> Get the book!
>> Tom and Deb Shinder's Configuring ISA Server 2004
>> http://tinyurl.com/3xqb7
>> MVP -- ISA Firewalls
>>
>>
>> "Admin" <admin@admin.com> wrote in message
>> news:OgCLyExaEHA.996@TK2MSFTNGP12.phx.gbl...
>> : I have a Cisco PIX firewall with many Zones on my network and I enabled
>> the
>> : VPN on PIX and I install VPN Client on my Laptop
>> : and I plug the inside zone for PIX to Outside zone for ISA
>> : can any one tell me how to configure ISA for any incoming request from
>> : outside to inside
>> :
>> : note the IP pool from out is 192.168.200.x
>> : the iside IP is 192.168.0.x
>> :
>> :
>>
>>
>
>

Relevant Pages

  • Re: Need help with a PIX 520 and VPN traffic
    ... access-list acl_inside deny ip any host 152.163.0.0 ... access-list acl_inside permit tcp any any eq ftp-data ... access-list acl_inside permit icmp host 151.209.194.228 any echo ... access-list acl_inside permit udp any host 192.131.69.200 eq isakmp ...
    (comp.dcom.sys.cisco)
  • Re: VPN
    ... being my external on the pix and 192.168.4.5 being the ... access-list acl_internet permit tcp any host 12.155.152.171 eq pptp ... access-list acl_internet permit udp any host 12.155.152.171 eq isakmp ...
    (microsoft.public.isaserver)
  • Re: DNS not doing recursive lookups
    ... > permit udp any host xxx.xxx.xxx.xxx eq domain ... > permit tcp any host xxx.xxx.xxx.xxx eq domain ... the NT DNS servers must source their lookups from port 53. ...
    (microsoft.public.windows.server.dns)
  • Trouble with PIX 506 ver 5.1
    ... access-list acl_outside permit tcp any host 192.168.0.147 eq h323 ... access-list acl_outside permit udp any host 192.168.0.147 eq 3603 ... no logging timestamp ... access-group acl_outside in interface outside ...
    (comp.dcom.sys.cisco)
  • Need help with a PIX 520 and VPN traffic
    ... access-list acl_inside permit tcp any any eq ftp-data ... access-list acl_inside permit icmp host 151.209.194.228 any echo ... access-list acl_inside permit udp any host 192.131.69.200 eq isakmp ... access-group acl_outside in interface outside ...
    (comp.dcom.sys.cisco)