After entering set vip multi-port you'll be promptd with a warning that you must reboot.
set vip multi-port
save
resetDefine the service as usual
set service CustomPPTP group "other" 47 src 2048-2048 dst 2048-2048Append the TCP source ports to the service we just defined
set service CustomPPTP + tcp src 0-65535 dst 1723-1723The source port for TCP 1723 must be 0-65535 to allow for any source port
Set up your VIP
set int eth0/0 vip interface-ip 2048 CustomPPTP 192.168.1.2And define your policy
set policy from untrust to trust any vip(ethernet0/0) CustomPPTP permit log
No comments:
Post a Comment