I have set up this access-list going to the Internet. I have a few 2000 
Servers and some workstations as well. I have VPNS set up on one of my 2000 
Servers and want to be able to access this network from the Internet. I have 
the server set up for VPN, but with this new access-list I put up I can no 
longer get to my VPN server. The server IP address is 198.168.1.10 and yes, I 
am running NAT on my router, not PAT.
What kind of access-list do I need to be able to gain access to my VPNS 
without showing my tcp 137-139 and udp 137-139 to my Server?

Thanks


Ethernet0
  ip address X.X.X.X 255.255.255.0
  ip access-group 105 out

BRI0
  ip address 10.1.1.1 255.255.255.0


access-list 105 permit tcp any any established log
access-list 105 deny   udp any any eq 135 log
access-list 105 deny   udp any any eq 136 log
access-list 105 deny   udp any any eq netbios-ns log
access-list 105 deny   udp any any eq netbios-dgm log
access-list 105 deny   udp any any eq netbios-ss log
access-list 105 permit udp any any log
access-list 105 permit icmp any any log

Brian
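
An added example, not part of the original post: a small Python model of how IOS evaluates access-list 105 as posted (first match wins, then an implicit deny), run over constructed sample packets. PPTP (TCP 1723 plus GRE) and IKE are assumed VPN protocols, since the post does not say which one the 2000 Server uses; interface direction and the `log` keyword are not modelled.

```python
# ACL 105 from the post: (action, protocol, dst_port or None, established_only)
ACL_105 = [
    ("permit", "tcp", None, True),    # permit tcp any any established
    ("deny", "udp", 135, False),
    ("deny", "udp", 136, False),
    ("deny", "udp", 137, False),      # netbios-ns
    ("deny", "udp", 138, False),      # netbios-dgm
    ("deny", "udp", 139, False),      # netbios-ss
    ("permit", "udp", None, False),   # permit udp any any
    ("permit", "icmp", None, False),  # permit icmp any any
]

def evaluate(acl, proto, dst_port=None, tcp_flags=frozenset()):
    """Return (action, line_number); line 0 means the implicit deny."""
    for n, (action, p, port, established) in enumerate(acl, 1):
        if p != proto:
            continue
        if port is not None and port != dst_port:
            continue
        # 'established' matches only TCP segments with ACK or RST set,
        # so a connection-opening SYN never matches it.
        if established and not (tcp_flags & {"ACK", "RST"}):
            continue
        return action, n
    return "deny", 0  # nothing matched: implicit "deny ip any any"

# Constructed sample packets (assumption: PPTP or IKE is the VPN in use)
SAMPLES = {
    "PPTP control SYN (tcp/1723)": ("tcp", 1723, frozenset({"SYN"})),
    "PPTP data (GRE, IP proto 47)": ("gre", None, frozenset()),
    "Reply to existing TCP session": ("tcp", 3456, frozenset({"ACK"})),
    "NetBIOS name service (udp/137)": ("udp", 137, frozenset()),
    "NetBIOS session SYN (tcp/139)": ("tcp", 139, frozenset({"SYN"})),
    "IKE (udp/500)": ("udp", 500, frozenset()),
}

def report(acl=ACL_105):
    return {name: evaluate(acl, *pkt) for name, pkt in SAMPLES.items()}

if __name__ == "__main__":
    for name, (action, line) in report().items():
        where = f"line {line}" if line else "implicit deny"
        print(f"{name:32} {action:6} ({where})")
```

Line 0 in the output marks traffic that no entry matched: new TCP connections and non-TCP/UDP/ICMP protocols such as GRE never reach a permit, while TCP 137-139 is blocked only by that implicit deny, not by an explicit entry.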