1 Reply Latest reply: Aug 13, 2012 8:52 AM by abridge-cco RSS

    TCP 1723, GRE 47 and VPNs

    Braincellbuster

      How do you setup to allow or pass protocol GRE 47 on a Cisco 851, to a specific server or internal IP, for VPNs?

       

      I have since added the following with no change or success in fixing my problem, which is mapping to shares over VPN to IPs or FQDN. I can ping the servers and other devices in the network but not map.

       

      !

      interface FastEthernet4

      description $FW_OUTSIDE$$ES_WAN$

      ip address 216.99.113.x 255.255.255.248

      ip access-group 101 in

      ip helper-address 192.168.1.1

      no ip redirects

      no ip unreachables

      no ip proxy-arp

      ip nat outside

      ip virtual-reassembly

      ip route-cache flow

      duplex auto

      speed auto

      !

      interface Vlan1

      description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$

      ip address 192.168.1.1 255.255.255.0

      ip helper-address 192.168.1.1

      no ip redirects

      no ip unreachables

      no ip proxy-arp

      ip nat inside

      ip virtual-reassembly

      ip route-cache flow

      !

      ip classless

      ip route 0.0.0.0 0.0.0.0 216.99.113.x

      !

      ip http server

      ip http authentication local

      ip http secure-server

      ip http timeout-policy idle 60 life 86400 requests 10000

      ip nat inside source list 100 interface FastEthernet4 overload

      ip nat inside source static tcp 192.168.1.9 1723 interface FastEthernet4 1723

      ip nat inside source static tcp 192.168.1.78 1968 interface FastEthernet4 1968

      ip nat inside source static tcp 192.168.1.78 5900 interface FastEthernet4 5900

      ip nat inside source static tcp 192.168.1.78 65100 interface FastEthernet4 65100

      ip nat inside source static tcp 192.168.1.78 65110 interface FastEthernet4 65110

      ip nat inside source static tcp 192.168.1.35 80 interface FastEthernet4 80

      ip nat inside source static tcp 192.168.1.35 443 interface FastEthernet4 443

      ip nat inside source static tcp 192.168.1.35 20 interface FastEthernet4 20

      ip nat inside source static tcp 192.168.1.35 21 interface FastEthernet4 21

      !

      logging trap debugging

      access-list 100 remark SDM_ACL Category=2

      access-list 100 permit ip 192.168.1.0 0.0.0.255 any

      access-list 101 permit gre host 216.99.113.x host 192.168.1.9

      access-list 101 permit ip any any

      snmp-server community public-prtg RO

      no cdp run