Hi, I have a router connected to internet and remote clients with VPN-Client 1.1. They need to browse the networkview some hosts and access to some network services.
the service don't work until I configure the access-list in the interface interface Serial0.80 point-to-point description **** Ligacao para VPNs sobre internet *** bandwidth 192 ip address xxx.xxx.xxx.210 255.255.255.252 ip access-group 180 in no ip route-cache no ip mroute-cache no cdp enable frame-relay interface-dlci 80 class net-112k crypto map mymap access-list 180 permit ahp any host xxx.xxx.xxx.210 access-list 180 permit esp any host xxx.xxx.xxx.210 access-list 180 permit udp any host xxx.xxx.xxx.210 eq isakmp access-list 180 permit tcp any host 192.168.0.2 eq 137 access-list 180 permit tcp any host 192.168.0.2 eq 138 access-list 180 permit tcp any host 192.168.0.2 eq 139 access-list 180 permit udp any host 192.168.0.2 eq netbios-ss access-list 180 permit udp any host 192.168.0.2 eq netbios-dgm access-list 180 permit udp any host 192.168.0.2 eq netbios-ns access-list 180 permit tcp any host 192.168.0.4 eq 137 access-list 180 permit tcp any host 192.168.0.4 eq 138 access-list 180 permit tcp any host 192.168.0.4 eq 139 access-list 180 permit udp any host 192.168.0.4 eq netbios-ss access-list 180 permit udp any host 192.168.0.4 eq netbios-dgm access-list 180 permit udp any host 192.168.0.4 eq netbios-ns access-list 180 deny ip any any log Isthis necessary, or i miss something???? Thx in advance. Antero Vasconcelos Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63333&t=63333 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
