Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

1841 ADSL Router - Forward GRE/PPTP query

Hi,

<br />

<br />I have a customer that has an 1841 ADSL router as a backup to their main 10Mb ISP circuit. The customer has a windows server that they use for some remote access sessions with GRE/pptp. When the primary 10Mb link is in use, this works fine as the ASA on this link has a 1:1 NAT rule and allows port 1723 and protocol 47 through to this windows machine.

<br />

<br />When the 10Mb link is down, the customer would like to still be able to RAS into the windows machine but via the IP of the backup ADSL router (which is also connected to the ASA). Looking at various posts, I found that I need to have a static NAT for port 1723 on the inside to the dialer interface, which I have done - but I can't find how I would forward the protocol 47 traffic.

<br />

<br />I've attached a copy of the config from the ADSL router if anyone is interested.

<br />

<br />The IP of the windows RAS box is 192.168.247.113/24 on the DMZ of the ASA, which is translated as 81.X.X.X on the outside interface of the ASA.

<br />

<br />I hope that this makes sense - please let me know if you need any further information, and thanks in advance for any assistance.

<br />

<br />

<br />1) XXX-XXX-ADSL-02-conf-03-02-09_netpro.txt

<br />

1 REPLY
Silver

Re: 1841 ADSL Router - Forward GRE/PPTP query

IP Protocol 47 which is GRE tunnel traffic. So there is VPN tunnel going through your device and all data going in that tunnel is translated as GRE traffic. You can only have one PPTP/L2TP connection through the PIX Security Appliance when you use PAT. This is because the necessary GRE connection is established over port 0 and the PIX Security Appliance only maps port 0 to one host.

409
Views
0
Helpful
1
Replies