RDP fails using Cisco VPN Client to PIX

Discussion in 'Cisco' started by Curt, Jun 1, 2007.

  1. Curt

    Curt Guest

    In our office we have a Winxp machine with the Cisco VPN client running
    on it. If we go thru the pix, the VPN client connects up to the remote
    PIX just fine. However, Windows RDP does Not work thru the tunnel. If we
    hookup the same computer direct to the net on the other side of our PIX
    the VPN and RDP work just fine.

    Any Ideas what to look for would be greatly appreciated.

    TIA
     
    Curt, Jun 1, 2007
    #1
    1. Advertising

  2. Curt

    Chad Mahoney Guest

    Curt wrote:
    > In our office we have a Winxp machine with the Cisco VPN client running
    > on it. If we go thru the pix, the VPN client connects up to the remote
    > PIX just fine. However, Windows RDP does Not work thru the tunnel. If we
    > hookup the same computer direct to the net on the other side of our PIX
    > the VPN and RDP work just fine.
    >
    > Any Ideas what to look for would be greatly appreciated.
    >
    > TIA


    Perhaps we could see some of your config? Would like to see the
    access-lists, your NAT statement, ISAKMP and IPSEC configs...
     
    Chad Mahoney, Jun 1, 2007
    #2
    1. Advertising

  3. Curt

    Merv Guest

    On Jun 1, 11:09 am, Chad Mahoney <0ney.com> wrote:
    > Curt wrote:
    > > In our office we have a Winxp machine with the Cisco VPN client running
    > > on it. If we go thru the pix, the VPN client connects up to the remote
    > > PIX just fine. However, Windows RDP does Not work thru the tunnel. If we
    > > hookup the same computer direct to the net on the other side of our PIX
    > > the VPN and RDP work just fine.

    >
    > > Any Ideas what to look for would be greatly appreciated.

    >
    > > TIA

    >
    > Perhaps we could see some of your config? Would like to see the
    > access-lists, your NAT statement, ISAKMP and IPSEC configs...


    Try reducing the MTU size on the PC running the RDP client.

    AFAIK RDP does not allow for packets to be fragmented
     
    Merv, Jun 2, 2007
    #3
  4. Curt

    Curt Guest

    Re: RDP fails using Cisco VPN Client to PIX config posting

    Earlier this month I posted a problem getting RDP to work through our
    VPN tunnel. We have a PIX in out data center that we use the Cisco
    client to connect up to then we use MS RDP to connect to our servers.
    This works just fine when we are on the outside of our new office PIX.
    When we hook up a computer directly to roadrunner on the outside of our
    PIX, this works. When we hookup the same computer on the inside of our
    network, the VPN client connects just fine, but the RDP fails to see any
    of the servers on the other side of the tunnel. Someone ask me top post
    our config. I finally got it. I have hidden our company name, passwords
    and out external IP addresses. If our external IP was 1.2.3.10 I labeled
    it as Our.External.IP.10. I did this as we have multiple external IP
    addresses referenced within our config and it will let you see were they
    are referenced. Here is our config. and Thanks for any assistance.

    Notes: Our.Outside.IP.xx hides our 1st 3 octets of our IP address.

    PIX Version 6.3(5)
    interface ethernet0 auto
    interface ethernet1 100full
    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    enable password OurPassword encrypted
    passwd OurPassword encrypted
    hostname OurCompanypix
    domain-name OurCompany.local
    clock timezone EST -5
    clock summer-time EDT recurring
    fixup protocol dns maximum-length 512
    fixup protocol ftp 21
    fixup protocol h323 h225 1720
    fixup protocol h323 ras 1718-1719
    fixup protocol http 80
    fixup protocol pptp 1723
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol sip 5060
    fixup protocol sip udp 5060
    fixup protocol skinny 2000
    fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol tftp 69
    names
    name 192.168.25.0 VPNclient
    name Our.Outside.IP.20 web_ftp-outside
    name 192.168.4.6 web_ftp-inside
    name Our.Outside.IP.19 email_RDP-outside
    name 192.168.4.5 email_RDP-inside
    access-list 101 permit icmp any any
    access-list 101 remark VPN Access Policy
    access-list 101 permit ip VPNclient 255.255.255.0 192.168.4.0
    255.255.255.0
    access-list 101 permit tcp any host email_RDP-outside eq smtp
    access-list 101 permit tcp any host email_RDP-outside eq pop3
    access-list 101 permit tcp any host email_RDP-outside eq 3389
    access-list 101 permit tcp any host web_ftp-outside eq ftp-data
    access-list 101 permit tcp any host web_ftp-outside eq ftp
    access-list 101 permit tcp any host web_ftp-outside eq www
    access-list 101 permit tcp any host web_ftp-outside eq https
    access-list outside_cryptomap_dyn_30 permit ip any VPNclient
    255.255.255.0
    access-list OurCompany_splitTunnelAcl permit ip 192.168.4.0
    255.255.255.0 any
    access-list inside_outbound_nat0_acl permit ip 192.168.4.0 255.255.255.0
    VPNclie
    nt 255.255.255.0
    pager lines 24
    mtu outside 1500
    mtu inside 1500
    ip address outside Our.Outside.IP.18 255.255.255.248
    ip address inside 192.168.4.1 255.255.255.0
    ip verify reverse-path interface outside
    ip audit info action alarm
    ip audit attack action alarm
    ip local pool OurCompanyVPNpool 192.168.25.51-192.168.25.60 mask
    255.255.255.0
    pdm location email_RDP-outside 255.255.255.255 outside
    pdm location web_ftp-inside 255.255.255.255 inside
    pdm location email_RDP-inside 255.255.255.255 inside
    pdm location VPNclient 255.255.255.0 outside
    pdm location web_ftp-outside 255.255.255.255 outside
    pdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 0 access-list inside_outbound_nat0_acl
    nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    static (inside,outside) email_RDP-outside email_RDP-inside netmask
    255.255.255.2
    55 0 0
    static (inside,outside) web_ftp-outside web_ftp-inside netmask
    255.255.255.255 0
    0
    access-group 101 in interface outside
    route outside 0.0.0.0 0.0.0.0 Our.Outside.IP.17 1
    timeout xlate 0:30:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
    1:00:00
    timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout sip-disconnect 0:02:00 sip-invite 0:03:00
    timeout uauth 0:30:00 absolute
    aaa-server TACACS+ protocol tacacs+
    aaa-server TACACS+ max-failed-attempts 3
    aaa-server TACACS+ deadtime 10
    aaa-server RADIUS protocol radius
    aaa-server RADIUS max-failed-attempts 3
    aaa-server RADIUS deadtime 10
    aaa-server LOCAL protocol local
    aaa authentication enable console LOCAL
    aaa authentication http console LOCAL
    aaa authentication ssh console LOCAL
    ntp server 192.5.41.41 source outside
    ntp server 192.5.41.40 source outside prefer
    http server enable
    http 0.0.0.0 0.0.0.0 outside
    http 0.0.0.0 0.0.0.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server community public
    no snmp-server enable traps
    floodguard enable
    sysopt connection permit-ipsec
    sysopt connection permit-l2tp
    auth-prompt prompt Enter login authorization
    auth-prompt accept Thank you. Access granted.
    auth-prompt reject Either get it right or stop trying to hack your way
    in.
    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto dynamic-map outside_dyn_map 10 set transform-set ESP-3DES-MD5
    crypto dynamic-map outside_dyn_map 30 match address
    outside_cryptomap_dyn_30
    crypto dynamic-map outside_dyn_map 30 set transform-set ESP-3DES-MD5
    crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
    crypto map outside_map client authentication LOCAL
    crypto map outside_map interface outside
    isakmp enable outside
    isakmp policy 10 authentication pre-share
    isakmp policy 10 encryption 3des
    isakmp policy 10 hash md5
    isakmp policy 10 group 2
    isakmp policy 10 lifetime 86400
    vpngroup OurCompany address-pool OurCompanyVPNpool
    vpngroup OurCompany dns-server email_RDP-inside 65.32.1.70
    vpngroup OurCompany wins-server email_RDP-inside
    vpngroup OurCompany default-domain OurCompany.local
    vpngroup OurCompany split-tunnel OurCompany_splitTunnelAcl
    vpngroup OurCompany split-dns OurCompany.local OurCompany.lcl
    vpngroup OurCompany idle-time 1800
    vpngroup OurCompany password ********
    telnet 0.0.0.0 0.0.0.0 inside
    telnet timeout 5
    ssh 0.0.0.0 0.0.0.0 outside
    ssh 0.0.0.0 0.0.0.0 inside
    ssh timeout 5
    management-access inside
    console timeout 0
    username pronetserv password AnotherPassword encrypted privilege 15
    username admin password aDifferentPassword encrypted privilege 15
    terminal width 80
    Cryptochecksum:ee9a570fa7357d631aa572e2f65500ac
    : end
     
    Curt, Jun 27, 2007
    #4
  5. Curt

    Brian V Guest

    Re: RDP fails using Cisco VPN Client to PIX config posting

    "Curt" <> wrote in message
    news:...
    > Earlier this month I posted a problem getting RDP to work through our
    > VPN tunnel. We have a PIX in out data center that we use the Cisco
    > client to connect up to then we use MS RDP to connect to our servers.
    > This works just fine when we are on the outside of our new office PIX.
    > When we hook up a computer directly to roadrunner on the outside of our
    > PIX, this works. When we hookup the same computer on the inside of our
    > network, the VPN client connects just fine, but the RDP fails to see any
    > of the servers on the other side of the tunnel. Someone ask me top post
    > our config. I finally got it. I have hidden our company name, passwords
    > and out external IP addresses. If our external IP was 1.2.3.10 I labeled
    > it as Our.External.IP.10. I did this as we have multiple external IP
    > addresses referenced within our config and it will let you see were they
    > are referenced. Here is our config. and Thanks for any assistance.
    >
    > Notes: Our.Outside.IP.xx hides our 1st 3 octets of our IP address.
    >
    > PIX Version 6.3(5)
    > interface ethernet0 auto
    > interface ethernet1 100full
    > nameif ethernet0 outside security0
    > nameif ethernet1 inside security100
    > enable password OurPassword encrypted
    > passwd OurPassword encrypted
    > hostname OurCompanypix
    > domain-name OurCompany.local
    > clock timezone EST -5
    > clock summer-time EDT recurring
    > fixup protocol dns maximum-length 512
    > fixup protocol ftp 21
    > fixup protocol h323 h225 1720
    > fixup protocol h323 ras 1718-1719
    > fixup protocol http 80
    > fixup protocol pptp 1723
    > fixup protocol rsh 514
    > fixup protocol rtsp 554
    > fixup protocol sip 5060
    > fixup protocol sip udp 5060
    > fixup protocol skinny 2000
    > fixup protocol smtp 25
    > fixup protocol sqlnet 1521
    > fixup protocol tftp 69
    > names
    > name 192.168.25.0 VPNclient
    > name Our.Outside.IP.20 web_ftp-outside
    > name 192.168.4.6 web_ftp-inside
    > name Our.Outside.IP.19 email_RDP-outside
    > name 192.168.4.5 email_RDP-inside
    > access-list 101 permit icmp any any
    > access-list 101 remark VPN Access Policy
    > access-list 101 permit ip VPNclient 255.255.255.0 192.168.4.0
    > 255.255.255.0
    > access-list 101 permit tcp any host email_RDP-outside eq smtp
    > access-list 101 permit tcp any host email_RDP-outside eq pop3
    > access-list 101 permit tcp any host email_RDP-outside eq 3389
    > access-list 101 permit tcp any host web_ftp-outside eq ftp-data
    > access-list 101 permit tcp any host web_ftp-outside eq ftp
    > access-list 101 permit tcp any host web_ftp-outside eq www
    > access-list 101 permit tcp any host web_ftp-outside eq https
    > access-list outside_cryptomap_dyn_30 permit ip any VPNclient
    > 255.255.255.0
    > access-list OurCompany_splitTunnelAcl permit ip 192.168.4.0
    > 255.255.255.0 any
    > access-list inside_outbound_nat0_acl permit ip 192.168.4.0 255.255.255.0
    > VPNclie
    > nt 255.255.255.0
    > pager lines 24
    > mtu outside 1500
    > mtu inside 1500
    > ip address outside Our.Outside.IP.18 255.255.255.248
    > ip address inside 192.168.4.1 255.255.255.0
    > ip verify reverse-path interface outside
    > ip audit info action alarm
    > ip audit attack action alarm
    > ip local pool OurCompanyVPNpool 192.168.25.51-192.168.25.60 mask
    > 255.255.255.0
    > pdm location email_RDP-outside 255.255.255.255 outside
    > pdm location web_ftp-inside 255.255.255.255 inside
    > pdm location email_RDP-inside 255.255.255.255 inside
    > pdm location VPNclient 255.255.255.0 outside
    > pdm location web_ftp-outside 255.255.255.255 outside
    > pdm history enable
    > arp timeout 14400
    > global (outside) 1 interface
    > nat (inside) 0 access-list inside_outbound_nat0_acl
    > nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    > static (inside,outside) email_RDP-outside email_RDP-inside netmask
    > 255.255.255.2
    > 55 0 0
    > static (inside,outside) web_ftp-outside web_ftp-inside netmask
    > 255.255.255.255 0
    > 0
    > access-group 101 in interface outside
    > route outside 0.0.0.0 0.0.0.0 Our.Outside.IP.17 1
    > timeout xlate 0:30:00
    > timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
    > 1:00:00
    > timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
    > timeout sip-disconnect 0:02:00 sip-invite 0:03:00
    > timeout uauth 0:30:00 absolute
    > aaa-server TACACS+ protocol tacacs+
    > aaa-server TACACS+ max-failed-attempts 3
    > aaa-server TACACS+ deadtime 10
    > aaa-server RADIUS protocol radius
    > aaa-server RADIUS max-failed-attempts 3
    > aaa-server RADIUS deadtime 10
    > aaa-server LOCAL protocol local
    > aaa authentication enable console LOCAL
    > aaa authentication http console LOCAL
    > aaa authentication ssh console LOCAL
    > ntp server 192.5.41.41 source outside
    > ntp server 192.5.41.40 source outside prefer
    > http server enable
    > http 0.0.0.0 0.0.0.0 outside
    > http 0.0.0.0 0.0.0.0 inside
    > no snmp-server location
    > no snmp-server contact
    > snmp-server community public
    > no snmp-server enable traps
    > floodguard enable
    > sysopt connection permit-ipsec
    > sysopt connection permit-l2tp
    > auth-prompt prompt Enter login authorization
    > auth-prompt accept Thank you. Access granted.
    > auth-prompt reject Either get it right or stop trying to hack your way
    > in.
    > crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    > crypto dynamic-map outside_dyn_map 10 set transform-set ESP-3DES-MD5
    > crypto dynamic-map outside_dyn_map 30 match address
    > outside_cryptomap_dyn_30
    > crypto dynamic-map outside_dyn_map 30 set transform-set ESP-3DES-MD5
    > crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
    > crypto map outside_map client authentication LOCAL
    > crypto map outside_map interface outside
    > isakmp enable outside
    > isakmp policy 10 authentication pre-share
    > isakmp policy 10 encryption 3des
    > isakmp policy 10 hash md5
    > isakmp policy 10 group 2
    > isakmp policy 10 lifetime 86400
    > vpngroup OurCompany address-pool OurCompanyVPNpool
    > vpngroup OurCompany dns-server email_RDP-inside 65.32.1.70
    > vpngroup OurCompany wins-server email_RDP-inside
    > vpngroup OurCompany default-domain OurCompany.local
    > vpngroup OurCompany split-tunnel OurCompany_splitTunnelAcl
    > vpngroup OurCompany split-dns OurCompany.local OurCompany.lcl
    > vpngroup OurCompany idle-time 1800
    > vpngroup OurCompany password ********
    > telnet 0.0.0.0 0.0.0.0 inside
    > telnet timeout 5
    > ssh 0.0.0.0 0.0.0.0 outside
    > ssh 0.0.0.0 0.0.0.0 inside
    > ssh timeout 5
    > management-access inside
    > console timeout 0
    > username pronetserv password AnotherPassword encrypted privilege 15
    > username admin password aDifferentPassword encrypted privilege 15
    > terminal width 80
    > Cryptochecksum:ee9a570fa7357d631aa572e2f65500ac
    > : end


    add:
    isakmp nat-traversal 20
     
    Brian V, Jun 27, 2007
    #5
  6. Curt

    Curt Guest

    Re: RDP fails using Cisco VPN Client to PIX config posting

    Thanks, I'll see if I can figure out how to do that. I appreciate you
    taking the time to answer.



    In article <>,
    says...
    >
    > "Curt" <> wrote in message
    > news:...
    > > Earlier this month I posted a problem getting RDP to work through our
    > > VPN tunnel. We have a PIX in out data center that we use the Cisco
    > > client to connect up to then we use MS RDP to connect to our servers.
    > > This works just fine when we are on the outside of our new office PIX.
    > > When we hook up a computer directly to roadrunner on the outside of our
    > > PIX, this works. When we hookup the same computer on the inside of our
    > > network, the VPN client connects just fine, but the RDP fails to see any
    > > of the servers on the other side of the tunnel. Someone ask me top post
    > > our config. I finally got it. I have hidden our company name, passwords
    > > and out external IP addresses. If our external IP was 1.2.3.10 I labeled
    > > it as Our.External.IP.10. I did this as we have multiple external IP
    > > addresses referenced within our config and it will let you see were they
    > > are referenced. Here is our config. and Thanks for any assistance.
    > >
    > > Notes: Our.Outside.IP.xx hides our 1st 3 octets of our IP address.
    > >
    > > PIX Version 6.3(5)
    > > interface ethernet0 auto
    > > interface ethernet1 100full
    > > nameif ethernet0 outside security0
    > > nameif ethernet1 inside security100
    > > enable password OurPassword encrypted
    > > passwd OurPassword encrypted
    > > hostname OurCompanypix
    > > domain-name OurCompany.local
    > > clock timezone EST -5
    > > clock summer-time EDT recurring
    > > fixup protocol dns maximum-length 512
    > > fixup protocol ftp 21
    > > fixup protocol h323 h225 1720
    > > fixup protocol h323 ras 1718-1719
    > > fixup protocol http 80
    > > fixup protocol pptp 1723
    > > fixup protocol rsh 514
    > > fixup protocol rtsp 554
    > > fixup protocol sip 5060
    > > fixup protocol sip udp 5060
    > > fixup protocol skinny 2000
    > > fixup protocol smtp 25
    > > fixup protocol sqlnet 1521
    > > fixup protocol tftp 69
    > > names
    > > name 192.168.25.0 VPNclient
    > > name Our.Outside.IP.20 web_ftp-outside
    > > name 192.168.4.6 web_ftp-inside
    > > name Our.Outside.IP.19 email_RDP-outside
    > > name 192.168.4.5 email_RDP-inside
     
    Curt, Jun 27, 2007
    #6
  7. Curt

    Curt Guest

    Re: RDP fails using Cisco VPN Client to PIX config posting Failed

    I had our 'Cisco' guy add the line you posted. It did not appear to help
    the situation.

    Any other ideas?



    In article <>,
    says...
    >
    > "Curt" <> wrote in message
    > news:...
    > > Earlier this month I posted a problem getting RDP to work through our
    > > VPN tunnel. We have a PIX in out data center that we use the Cisco
    > > client to connect up to then we use MS RDP to connect to our servers.
    > > This works just fine when we are on the outside of our new office PIX.
    > > When we hook up a computer directly to roadrunner on the outside of our
    > > PIX, this works. When we hookup the same computer on the inside of our
    > > network, the VPN client connects just fine, but the RDP fails to see any
    > > of the servers on the other side of the tunnel. Someone ask me top post
    > > our config. I finally got it. I have hidden our company name, passwords
    > > and out external IP addresses. If our external IP was 1.2.3.10 I labeled
    > > it as Our.External.IP.10. I did this as we have multiple external IP
    > > addresses referenced within our config and it will let you see were they
    > > are referenced. Here is our config. and Thanks for any assistance.
    > >
    > > Notes: Our.Outside.IP.xx hides our 1st 3 octets of our IP address.
    > >
    > > PIX Version 6.3(5)
    > > interface ethernet0 auto
    > > interface ethernet1 100full
    > > nameif ethernet0 outside security0
    > > nameif ethernet1 inside security100
    > > enable password OurPassword encrypted
    > > passwd OurPassword encrypted
    > > hostname OurCompanypix
    > > domain-name OurCompany.local
    > > clock timezone EST -5
    > > clock summer-time EDT recurring
    > > fixup protocol dns maximum-length 512
    > > fixup protocol ftp 21
    > > fixup protocol h323 h225 1720
    > > fixup protocol h323 ras 1718-1719
    > > fixup protocol http 80
    > > fixup protocol pptp 1723
    > > fixup protocol rsh 514
    > > fixup protocol rtsp 554
    > > fixup protocol sip 5060
    > > fixup protocol sip udp 5060
    > > fixup protocol skinny 2000
    > > fixup protocol smtp 25
    > > fixup protocol sqlnet 1521
    > > fixup protocol tftp 69
    > > names
    > > name 192.168.25.0 VPNclient
    > > name Our.Outside.IP.20 web_ftp-outside
    > > name 192.168.4.6 web_ftp-inside
    > > name Our.Outside.IP.19 email_RDP-outside
    > > name 192.168.4.5 email_RDP-inside
     
    Curt, Jul 2, 2007
    #7
  8. Curt

    notaccie Guest

    Re: RDP fails using Cisco VPN Client to PIX config posting Failed

    i'm looking back at your previous conversations and am not sure I got
    them all...

    Some thoughts--dismiss if you've covered these obvious items...

    when the vpn client is behind the PIX, what can it see on the target
    network? check to see that it can ping, browse (if windows), resolve
    names, blah, blah, blah.

    is it only RDP that is the problem? try the obvious? RDP is fairly
    sensitive to MTU. since this is not site-site VPN, have the client
    drop the mtu, incrementally. (look at DF bit)

    how is the vpn client getting through the PIX to establish the tunnel?
    try nat-t, udp. it works pretty well.

    what version of vpn client? is it a 3000 on the other end? asa? PIX?




    On Mon, 2 Jul 2007 15:04:11 -0400, Curt <> wrote:

    >I had our 'Cisco' guy add the line you posted. It did not appear to help
    >the situation.
    >
    >Any other ideas?
    >
    >
    >
    >In article <>,
    > says...
    >>
    >> "Curt" <> wrote in message
    >> news:...
    >> > Earlier this month I posted a problem getting RDP to work through our
    >> > VPN tunnel. We have a PIX in out data center that we use the Cisco
    >> > client to connect up to then we use MS RDP to connect to our servers.
    >> > This works just fine when we are on the outside of our new office PIX.
    >> > When we hook up a computer directly to roadrunner on the outside of our
    >> > PIX, this works. When we hookup the same computer on the inside of our
    >> > network, the VPN client connects just fine, but the RDP fails to see any
    >> > of the servers on the other side of the tunnel. Someone ask me top post
    >> > our config. I finally got it. I have hidden our company name, passwords
    >> > and out external IP addresses. If our external IP was 1.2.3.10 I labeled
    >> > it as Our.External.IP.10. I did this as we have multiple external IP
    >> > addresses referenced within our config and it will let you see were they
    >> > are referenced. Here is our config. and Thanks for any assistance.
    >> >
    >> > Notes: Our.Outside.IP.xx hides our 1st 3 octets of our IP address.
    >> >
    >> > PIX Version 6.3(5)
    >> > interface ethernet0 auto
    >> > interface ethernet1 100full
    >> > nameif ethernet0 outside security0
    >> > nameif ethernet1 inside security100
    >> > enable password OurPassword encrypted
    >> > passwd OurPassword encrypted
    >> > hostname OurCompanypix
    >> > domain-name OurCompany.local
    >> > clock timezone EST -5
    >> > clock summer-time EDT recurring
    >> > fixup protocol dns maximum-length 512
    >> > fixup protocol ftp 21
    >> > fixup protocol h323 h225 1720
    >> > fixup protocol h323 ras 1718-1719
    >> > fixup protocol http 80
    >> > fixup protocol pptp 1723
    >> > fixup protocol rsh 514
    >> > fixup protocol rtsp 554
    >> > fixup protocol sip 5060
    >> > fixup protocol sip udp 5060
    >> > fixup protocol skinny 2000
    >> > fixup protocol smtp 25
    >> > fixup protocol sqlnet 1521
    >> > fixup protocol tftp 69
    >> > names
    >> > name 192.168.25.0 VPNclient
    >> > name Our.Outside.IP.20 web_ftp-outside
    >> > name 192.168.4.6 web_ftp-inside
    >> > name Our.Outside.IP.19 email_RDP-outside
    >> > name 192.168.4.5 email_RDP-inside

    >
     
    notaccie, Jul 6, 2007
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. GVB
    Replies:
    1
    Views:
    2,911
    Martin Bilgrav
    Feb 6, 2004
  2. Svenn
    Replies:
    3
    Views:
    774
    Svenn
    Mar 13, 2006
  3. D K
    Replies:
    4
    Views:
    511
  4. andypatterson24
    Replies:
    2
    Views:
    2,944
    andypatterson24
    Apr 25, 2008
  5. Replies:
    21
    Views:
    1,534
    Shauna
    Aug 26, 2008
Loading...

Share This Page