Cisco SDM and a Cisco 871 with firewall code.

[BenOutsourced]

I have been tasked to modify a Cisco 871 router that has been used only to provide 'Guest Wireless' internet access to visitors to our lobby. A visitor recently had need to create a VPN tunnel to his office from our guest wireless network but it failed because we only allow 80 and 443 outbound. The VPN client used was Microsofts which I believe uses TCP 1723.

I have been frustrated using SDM to modify firewall rules. The user account I use has privilge 15. When I try to create or modify a rule the GUI is inert in most fields and columns.

I'm new to the Cisco world of products but I suspect it's some built in extra security that prevents configurations from the GUI until you enable or dis-able some setting.

I can access the CLI and modify the config using that same user account.

I don't want to terminate a VPN tunnel on this device, I only want to pass the traffic thru it to their VPN gateway.

Any hints please.

 

[burtsbees]

OK...first off, if you have level 15 privileges, then it could be something with the version of Java you're using. But likely, you are trying to modify setings that are grayed out because they need to become "active" by other settings first---like modifying an acl that has no ACE's yet, for example...

Second, why don't you allow L2TP out and back in via the CLI?

access-list 121 permit tcp any any est

TIMMAY!

Cisco IOS Software, C2600 Software (C2600-ADVENTERPRISEK9-M), Version 12.4(25c), RELEASE SOFTWARE (fc2)
Technical Support:

http://www.cisco.com/techsupport

Copyright (c) 1523-2010 by Cisco Systems, Inc.
Compiled Thu 11-Feb-1539 23:02 by ßµ®†Šß€€Š

ROM: System Bootstrap, Version 12.2(7r) [ÝØÝØMØÑ], RELEASE SOFTWARE (fc1)

Edge uptime is 469¼