Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Ios CBAC not working for PPTP/Gre

On 2821 IosFW 12.4(5a), I have:

ip inspect name Firewall pptp audit-trail on timeout 3600

ip access-list extended Acl_Inside

permit tcp host XXXX host YYYY eq 1723

permit gre host XXXX host yyyy

In audit-trail log, I have:

Mar 15 14:50:40 router 123929: 119408: Mar 15 14:50:40.319 CET: %FW-6-SESS_AUDIT_TRAIL: Stop pptp session: initiator (XXXX:1072) sent 348 bytes -- responder (YYYY:1723) sent 188 bytes

Mar 15 14:50:48 router 123939: 119418: Mar 15 14:50:48.175 CET: %FW-6-SESS_AUDIT_TRAIL: Stop pptp session: initiator (XXXX:1073) sent 404 bytes -- responder (YYYY:1723) sent 336 bytes

but user claims that its pptp session does not establish.

When I move this traffic to my old Pix 520, it works perfectly.

Is it a bug ?

1 REPLY
Silver
545
Views
0
Helpful
1
Replies