pptp VPN Pix 501 Internal network access

tektrix11
Level 1

Hi Glen

I have configured VPN on a PIX 501 ver 6.3(5) for Windows using PPTP. Users log on successfully but cannot access any of the internal network IPs. Below is my config.

PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password encrypted
passwd encrypted
hostname pix01
domain-name **************
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol pptp 1723
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list outside_access_in permit tcp any any
access-list outside_access_in permit udp any any
access-list outside_access_in permit gre any any
access-list inside_access_in permit ip any any
access-list nonat permit ip 10.43.42.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list nonat permit icmp any any
no pager
logging on
logging console debugging
mtu outside 1500
mtu inside 1500
ip address outside ********** 255.255.255.248
ip address inside 10.43.42.19 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool dealer 192.168.1.1-192.168.1.50
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 ********** 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout sip-disconnect 0:02:00 sip-invite 0:03:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
http 10.43.42.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-pptp
crypto ipsec transform-set basic esp-des esp-md5-hmac
crypto dynamic-map cisco 4 set transform-set basic
crypto map partner-map 20 ipsec-isakmp dynamic cisco
crypto map partner-map client configuration address initiate
crypto map partner-map client configuration address respond
isakmp key ******** address 0.0.0.0 netmask 0.0.0.0
isakmp identity address
isakmp nat-traversal 30
isakmp policy 1 authentication rsa-sig
isakmp policy 1 encryption des
isakmp policy 1 hash sha
isakmp policy 1 group 1
isakmp policy 1 lifetime 86400
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 10.43.42.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
vpdn group 1 accept dialin pptp
vpdn group 1 ppp authentication pap
vpdn group 1 ppp authentication chap
vpdn group 1 ppp authentication mschap
vpdn group 1 ppp encryption mppe auto
vpdn group 1 client configuration address local dealer
vpdn group 1 client configuration dns 10.43.42.22
vpdn group 1 pptp echo 60
vpdn group 1 client authentication local
vpdn username ahmed password *********
vpdn username chris password *********
vpdn enable outside
dhcpd auto_config outside
terminal width 80
Cryptochecksum:xxx
: end

I'll be waiting for a response.

Regards

Ahmed

4 Replies

tektrix11
Level 1

Please, can anyone help me out?

Regards

Ahmed

kaachary
Cisco Employee

Hi Ahmed,

The config looks fine. Can you try the following:

1: On the client machine, check the option "Use Default Gateway on remote network".

2: Also, check if there's an L3 device between the PIX inside interface and the inside hosts.

3: Check the default gateway of the inside hosts; does it point to the PIX inside interface?

Hope this helps.

*Please rate if it does.

-Kanishka

Thanks for reply Kanishka,

I can't even ping the IP of the inside interface of the PIX from the VPN.

Yes, I have checked the Default gateway option, but no luck.

Regards

Ahmed

With a PPTP connection, you would not be able to ping the inside interface. That is the default behavior.

Have you tried with the "Use default gateway on remote network" option checked?

You can find this option in "Local Area Connection" Properties for this PPTP connection.

-Kanishka
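The thread's checks are all on the client or LAN side; the PIX side of the same question is whether the PPTP pool is exempted from NAT toward the inside network and whether the PPTP bypass is enabled. The following is an added example, not code from the thread or from Cisco: a small Python linter that parses the PPTP-relevant lines of a PIX 6.x running-config (a constructed excerpt of the config posted above is embedded as sample input) and reports the findings a reviewer would look for. Line syntax is assumed to be exactly as the PIX 6.3 config shows it.

```python
import ipaddress
import re

# Constructed excerpt of the PIX 6.3 config posted above; only the lines that
# decide whether PPTP clients can reach the inside network are included.
SAMPLE_CONFIG = """\
ip address inside 10.43.42.19 255.255.255.0
ip local pool dealer 192.168.1.1-192.168.1.50
access-list nonat permit ip 10.43.42.0 255.255.255.0 192.168.1.0 255.255.255.0
nat (inside) 0 access-list nonat
sysopt connection permit-pptp
vpdn group 1 client configuration address local dealer
vpdn enable outside
"""
IP = r"(\d+\.\d+\.\d+\.\d+)"  # dotted quad; 'any' entries are deliberately skipped

def parse_pix(config):
    # Collect the facts needed for the reachability checks from a PIX 6.x config.
    f = {"pools": {}, "acls": {}, "nat0_acl": None, "inside": None, "group_pool": None,
         "permit_pptp": False, "vpdn_outside": False}
    for line in config.splitlines():
        line = line.strip()
        if m := re.match(rf"ip local pool (\S+) {IP}-{IP}$", line):
            f["pools"][m[1]] = (ipaddress.ip_address(m[2]), ipaddress.ip_address(m[3]))
        elif m := re.match(rf"ip address inside {IP} {IP}$", line):
            f["inside"] = ipaddress.ip_network(f"{m[1]}/{m[2]}", strict=False)
        elif m := re.match(rf"access-list (\S+) permit ip {IP} {IP} {IP} {IP}$", line):
            src = ipaddress.ip_network(f"{m[2]}/{m[3]}", strict=False)
            dst = ipaddress.ip_network(f"{m[4]}/{m[5]}", strict=False)
            f["acls"].setdefault(m[1], []).append((src, dst))
        elif m := re.match(r"nat \(inside\) 0 access-list (\S+)$", line):
            f["nat0_acl"] = m[1]
        elif m := re.match(r"vpdn group \S+ client configuration address local (\S+)$", line):
            f["group_pool"] = m[1]
        elif line == "sysopt connection permit-pptp":
            f["permit_pptp"] = True
        elif line == "vpdn enable outside":
            f["vpdn_outside"] = True
    return f

def check_pptp_reachability(config):
    # Returns a list of findings; an empty list means the PIX side is consistent.
    f = parse_pix(config)
    findings = []
    if not f["permit_pptp"]:
        findings.append("missing 'sysopt connection permit-pptp'")
    if not f["vpdn_outside"]:
        findings.append("missing 'vpdn enable outside'")
    pool = f["pools"].get(f["group_pool"])
    if pool is None:
        return findings + [f"vpdn group references unknown pool {f['group_pool']!r}"]
    # Replies from inside hosts to pool addresses must match the nat 0 ACL, otherwise
    # they are translated to the outside address and never reach the PPTP client.
    exempt = [dst for src, dst in f["acls"].get(f["nat0_acl"], [])
              if f["inside"] is None or src.overlaps(f["inside"])]
    if not any(pool[0] in dst and pool[1] in dst for dst in exempt):
        findings.append(f"pool {pool[0]}-{pool[1]} is not NAT-exempt toward the inside network")
    return findings
```

Running `check_pptp_reachability(SAMPLE_CONFIG)` on the posted excerpt returns no findings, which matches Kanishka's reading that the config itself is fine.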
