[pptp-server] pptpd through a cisco..?
Dragos DOBRE
ddobre at deuroconsult.ro
Wed Jun 7 02:00:19 CDT 2000
"Cowles, Steve" wrote:
>
> I do not know what the Cisco IOS command is to forward "Protocol 47", but
> thats what you will need to do (in addition to forwarding port 1723). On my
> linux based firewall, I forward protocol 47 to an internal pptp server using
> "ipfwd". I would think Cisco has a simaler command to forward a "protocol",
> in addition to ports.
assuming that the pptp sever address is 192.168.x.y,
and eth0 on thre router is in the same LAN an the pptp server,
and serial0 is connected to the ISP you should apply 2 access-lists
on the cisco router.(protocol 47 is gre and where it says gre you
may substitute with 47)
ip access-list extended 101
permit gre any host 192.168.x.y
permit tcp any host 192.168.x.y eq 1723
deny ip any any
ip access-list extended 102
permit gre host 192.168.x.y any
permit tcp host 192.168.x.y any eq 1723
interface ethernet 0
ip address 192.168.a.b 255.255.255.0
ip access-group 101 out
interface Serial 0
............
ip access group 102 out
> Steve Cowles
>
> > -----Original Message-----
> > From: HiJinX [mailto:hijinx at datafx.com.au]
> > Sent: Tuesday, June 06, 2000 6:11 AM
> > To: pptp-server at lists.schulte.org
> > Subject: [pptp-server] pptpd through a cisco..?
> >
> >
> > Hi, I was wondering if it is possible to have a pptpd server (On a
> > Debian box), running on a 192.168 address behind a cisco801?
> > The client I'm testing with is a win2k - And it seems to be failing on
> > gre (input/output error)
> > Does anyone have a similiar solution working?
> >
> > When the Debian box is on a live IP - The pptp connection can
> > be made no
> > problems.
> >
> > Thanks for any help,
> > Michael
> >
--
Dragos Adrian DOBRE
Network Systems Specialist
Deuroconsult Brasov, Romania
More information about the pptp-server
mailing list