- Posts: 81
- Thank you received: 0
Gre pptp through nat
17 years 8 hours ago #24403
by Brandonh
Gre pptp through nat was created by Brandonh
I have a 2621 router and I am wanting to configure gre protocol 47 to pass through nat overload to my microsoft vpn server. I am having trouble discovering the commands to allow the gre through. My nat is set up and I have been able to allow tcp or udp fowarding to internal machines but need to allow GRE protocol 47. If someone can tell me the commands I would appreciate it thanks.
16 years 11 months ago #24435
by Elohim
Replied by Elohim on topic Re: Gre pptp through nat
Allow GRe through your access-list.
I have a 2621 router and I am wanting to configure gre protocol 47 to pass through nat overload to my microsoft vpn server. I am having trouble discovering the commands to allow the gre through. My nat is set up and I have been able to allow tcp or udp fowarding to internal machines but need to allow GRE protocol 47. If someone can tell me the commands I would appreciate it thanks.
16 years 11 months ago #24436
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Gre pptp through nat
You will need to allow TCP/1723 also.
Your GRE access list would look something like this;
ip access-list 101 permit gre any any
Your GRE access list would look something like this;
ip access-list 101 permit gre any any
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
16 years 11 months ago #24452
by Brandonh
Replied by Brandonh on topic Re: Gre pptp through nat
Thanks man I'll give that a shot I have been looking for that command for days.
16 years 11 months ago #24454
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Gre pptp through nat
Obviously you can tie it down by replacing any any with source and destination addresses
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Time to create page: 0.125 seconds