Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

basic pptp 501 6.3

I am attempting to permit a "inside" user who is assigned IP 10.0.0.5 to PPTP to an outside vendor's web server.

can I use "sysopt connection permit-pptp" by itself, or can I use "fixup on port 1723"?

thank you,

wr t

Building configuration...

: Saved

PIX Version 6.3(5)

interface ethernet0 auto

interface ethernet1 100full

nameif ethernet0 outside security0

nameif ethernet1 inside security100

enable password encrypted

passwd encrypted

hostname MJSFW

domain-name macejacobs.com

fixup protocol dns maximum-length 512

fixup protocol ftp 21

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol http 80

fixup protocol rsh 514

fixup protocol rtsp 554

fixup protocol sip 5060

fixup protocol sip udp 5060

fixup protocol skinny 2000

fixup protocol smtp 25

fixup protocol sqlnet 1521

fixup protocol tftp 69

names

access-list outside_access_in permit tcp any any eq 3389

pager lines 24

icmp deny any outside

mtu outside 1500

mtu inside 1500

ip address outside "outside ip" 255.255.255.252

ip address inside 10.0.0.1 255.255.255.0

ip audit info action alarm

ip audit attack action alarm

pdm history enable

arp timeout 14400

global (outside) 10 interface

nat (inside) 10 10.0.0.0 255.255.255.0 0 0

static (inside,outside) tcp "outside ip" 3389 10.0.0.3 3389 netmask 255.255.255.255 0 0

access-group outside_access_in in interface outside

route outside 0.0.0.0 0.0.0.0 "outside gateway" 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00

timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout sip-disconnect 0:02:00 sip-invite 0:03:00

timeout uauth 0:05:00 absolute

no snmp-server location

no snmp-server contact

snmp-server community warn1ng

no snmp-server enable traps

floodguard enable

sysopt noproxyarp inside

telnet 10.0.0.3 255.255.255.255 inside

telnet timeout 5

ssh timeout 5

console timeout 0

terminal width 80

Cryptochecksum:

: end

[OK]

MJSFW(config)#

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: basic pptp 501 6.3

fixup protocol pptp 1723

2 REPLIES
Cisco Employee

Re: basic pptp 501 6.3

fixup protocol pptp 1723

New Member

Re: basic pptp 501 6.3

got it, thank you!

150
Views
0
Helpful
2
Replies