Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
273
Views
0
Helpful
1
Replies

PPTP outbound and IOS Zone Based Policy Firewalling

mmedwid
Level 3
Level 3

‎07-25-2008 09:42 AM - edited ‎03-11-2019 06:20 AM

I have a client trying to use PPTP outbound from a host on their DMZ. Their zone based policy firewall config appears essentially correct and all other traffic is egressing the 3845 router (DMZ to Internet) without issue. I had them add "match protocol pptp" to their inspect for that zone-pair. But he's still got no joy. Are there known problems with PPTP and ZBPF? Long ago there were problems with PPTP and PAT but I thought those had been resolved way back. (Please don't ask "why PPTP??" - it wasn't MY idea!) :-)

class-map type inspect match-any dmz-inet-ports

description ***DMZ to inet Access Ports***

match protocol pptp

match protocol icmp

match protocol tcp

match protocol udp

The image: c3845-advipservicesk9-mz.124-11.XW8.bin

Labels:
0 Helpful
1 Reply 1

andrew.prince
Level 10
Level 10

‎07-25-2008 03:52 PM

if there are any ACL's - please supply...and any debug's would be very helpfull.

HTH>

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card