Announcement

Collapse
No announcement yet.

How to use GUI to enable GRE (for PPTP)?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to use GUI to enable GRE (for PPTP)?

    Hi,

    I need to enable GRE for PPTP to a SBS 2008 behind the ASA 5505.
    How to do that using the GUI?

    Best regards Steffen

  • #2
    Re: How to use GUI to enable GRE (for PPTP)?

    Not sure about ASDM but on the CLI you need to permit tcp port 1723 and protocol 47 (GRE) through the ASA

    Depending on the ASA code version the ACL may be different. With anything 8.2 and below, the ip's in the ACL will be the public ip's of the hosts, if 8.3 and later it will be the private ip's of the hosts.

    access-list PPTP_VPN extended permit gre any host X.X.X.X
    access-list PPTP_VPN extended permit tcp any host X.X.X.X eq 1723


    access-group PPTP_VPN in interface outside

    From the gui it should be as simple as creating the ACL above and applying it to the interface. Remember the implicit deny at the end of the ACL as well.
    Last edited by auglan; 25th April 2012, 11:54.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment


    • #3
      Re: How to use GUI to enable GRE (for PPTP)?

      Just out of curiosity, any reason not to enable SSL VPN on the ASA itself? The 5505 comes with 2 SSL licenses and you could buy additional licences if needed. To me thats a much more secure solution and easier to the end user. They can do client-less access through a web browser or use the anyconnect client which acts just the the regular cisco vpn client.
      CCNA, CCNA-Security, CCNP
      CCIE Security (In Progress)

      Comment

      Working...
      X