
New Member

Cisco PIX, VPN Client & PC Anywhere

My setup goes like this:

LAN --> PIX Firewall --> Router --> Internet Cloud

We use Cisco VPN Client 3.6.3(B) to connect to the remote peer. For remote desktop sharing we use PC Anywhere services.

Now the problem we face on the firewall is:

If I specify conduit permit ip any any, everything works fine. But this makes the firewall vulnerable, since anybody from outside can initiate connections to inside hosts due to the static NAT & conduit statements.

I wish to apply an ACL to the PIX which allows connections only from the desired remote peer/hosts. I have tried permitting ports tcp/udp 5631, 5632, 6530 & removing the conduit permit ip any any statement, but it did not work out.

Any suggestions?

Thanks in Advance

New Member

Re: Cisco PIX, VPN Client & PC Anywhere

The ports that I usually open for PC Anywhere are: 5631 tcp, 65301 tcp, 5632 udp, 22 udp (although some of them are for older versions of PC Anywhere).

I think that if you have opened all those ports with static NAT and conduit, it should work.

New Member

Re: Cisco PIX, VPN Client & PC Anywhere

I have tried opening all these ports, but still was not able to connect.

Any clue?


Re: Cisco PIX, VPN Client & PC Anywhere

I have also enabled the Cisco PIX to accept PPTP connections from the Internet, but I would like to restrict this to only a couple of source IP addresses.

Is there a way to do that?

I couldn't find any.



New Member

Re: Cisco PIX, VPN Client & PC Anywhere

Just put an inbound ACL on the outside interface:

access-list X permit tcp PermittedSource SM LanIP SM

I hope it helps
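
An added example, not part of the original thread: the open conduit from the first post beside an inbound ACL limited to one remote peer, in PIX 6.x syntax. The addresses are constructed documentation addresses, the ACL name outside_in is an assumption, the ports are the pcAnywhere ports listed in the thread, and lines beginning with a colon are annotations for the reader.

```cisco
: Constructed addresses (assumptions):
:   203.0.113.10  = the permitted remote peer
:   198.51.100.5  = global (static NAT) address of the inside host
:   192.168.1.5   = the inside pcAnywhere host

: Weak: any outside host may open any IP session to a statically mapped host
conduit permit ip any any

: Restricted: remove the open conduit and keep the static translation
no conduit permit ip any any
static (inside,outside) 198.51.100.5 192.168.1.5 netmask 255.255.255.255

: Each entry is source first, destination second.
: The destination is the global address, because the ACL is evaluated
: on the outside interface before the static translation is applied.
access-list outside_in permit tcp host 203.0.113.10 host 198.51.100.5 eq 5631
access-list outside_in permit udp host 203.0.113.10 host 198.51.100.5 eq 5632

: Everything not matched above is dropped by the implicit deny at the end.
: Bind the ACL to traffic arriving on the outside interface.
access-group outside_in in interface outside
```

After a connection attempt from the peer, `show access-list` lists a hit count per entry, which shows whether the traffic is reaching the ACL and matching the intended line.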
