Restricting access for PPTP users to specific protocols

Discussion in 'Cisco' started by Rik Bain, Oct 18, 2003.

  1. Rik Bain

    Rik Bain Guest

    On Sat, 18 Oct 2003 17:48:02 +0600, Patrick wrote:

    > I have users terminating their PPTP sessions on my PIX (6.3.1). Using
    > the SYSOPT CONNECTION PERMIT-PPTP opens up all hosts as specified by my
    > NAT 0 configuration. This works great. But, how do I place an access
    > list on those PPTP users to only permit for example tcp 3389? I do not
    > have Secure ACS.
    >
    > Thx,
    > Patrick


    Remove sysopt connection permit-pptp and use access-list/access-group in
    the incoming interface.

    Rik Bain
     
    Rik Bain, Oct 18, 2003
    #1
    1. Advertisements

  2. Rik Bain

    Patrick Guest

    I have users terminating their PPTP sessions on my PIX (6.3.1). Using
    the SYSOPT CONNECTION PERMIT-PPTP opens up all hosts as specified by
    my NAT 0 configuration. This works great. But, how do I place an
    access list on those PPTP users to only permit for example tcp 3389?
    I do not have Secure ACS.

    Thx,
    Patrick
     
    Patrick, Oct 18, 2003
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.