Cisco Support Community

New Member

PPPOE Tunnel ACL between Pix515 and Router

The corporate site has a Pix515 and the remote site has a router. I have a tunnel set up from a remote site to the corporate office. I am looking for information on ACLs to apply to the dialer interface to allow ipsec/isakmp and all traffic from the corporate office to the remote site. Do you allow the public address of the PIX to access the remote router with ipsec/isakmp traffic and the corporate private network address for pop3/smtp and udp?

  • VPN
3 REPLIES
Bronze

Re: PPPOE Tunnel ACL between Pix515 and Router

The PIX with the dynamic address will look something like the Tiger config and the other PIX will look something like the Lion config.

http://www.cisco.com/warp/public/110/38.html

New Member

Re: PPPOE Tunnel ACL between Pix515 and Router

I have the PPPOE router to PIX up and running. I am looking for information on adding an ACL to the dialer interface on the router to prevent unwanted traffic from entering the router. I have no problem with the PIX configuration.

New Member

Re: PPPOE Tunnel ACL between Pix515 and Router

Yes, you have to add ACLs on the dialer interface on the router.

What you would do is, assuming subnet A is behind the router and subnet B is next to the PIX:

On A you would permit A's local subnet to A's remote, i.e. permit A to B, and on the PIX just the reverse. And no, you don't define the public IP in the interesting traffic.
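
The two ACLs discussed in this thread, side by side on the router, as an added example that is not part of any poster's reply or of the linked Cisco document. All addresses are constructed, and the names `DIALER-IN`, `VPNMAP`, `TSET`, ACL number `110` and `Dialer1` are hypothetical. It assumes the ISAKMP policy, pre-shared key and transform set already exist, since the tunnel is reported as up.

```cisco
! Constructed addresses (assumptions, not from the thread):
!   subnet A (behind the router)  10.1.1.0/24
!   subnet B (behind the PIX)     10.2.2.0/24
!   PIX outside (public) address  192.0.2.10
!
! 1) Crypto ("interesting traffic") ACL: private subnets only, A to B.
!    The PIX side carries the mirror image (B to A).
!    No public address appears in this ACL.
access-list 110 permit ip 10.1.1.0 0.0.0.255 10.2.2.0 0.0.0.255
!
! 2) Inbound filter on the dialer: tunnel negotiation and tunnel payload
!    are accepted from the PIX peer only. The destination is "any" because
!    the router's PPPoE address is assumed to be dynamic.
ip access-list extended DIALER-IN
 permit udp host 192.0.2.10 any eq isakmp
 permit esp host 192.0.2.10 any
 ! Older IOS releases evaluate the inbound ACL a second time against the
 ! decrypted packet. This entry covers that case: it matches B-to-A
 ! traffic such as pop3/smtp arriving through the tunnel.
 permit ip 10.2.2.0 0.0.0.255 10.1.1.0 0.0.0.255
 ! Everything else from the Internet side is dropped and logged.
 deny   ip any any log
!
! Where each ACL attaches.
crypto map VPNMAP 10 ipsec-isakmp
 set peer 192.0.2.10
 set transform-set TSET
 match address 110
!
interface Dialer1
 ip access-group DIALER-IN in
 crypto map VPNMAP
```

After applying, `show access-lists DIALER-IN` shows per-entry hit counts, which confirms that ISAKMP and ESP from the peer are matching and shows what the final deny is catching.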
