Configuring GRE for MS PPTP VPN client access to 871w

Unanswered Question
Mar 25th, 2007

I'm trying to use the "vpdn enable" process to connect the MS PPTP vpn client to the router. This is easy on a pix 501 but it's confusing as sh*t on the new 12.4 IOS the 871w ships with. I've tried the various articles that come up but I'm getting the "verying username and password" which is generally an indicator the GRE is not in play.

How do I enable GRE to connect, if anyone knows?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dsweeny Fri, 03/30/2007 - 10:21

MS PPTP clients do not connect via a PAT device.

Try this:

It is possible through a unique static NAT translation. This will work because we don't have to specify a port to translate (problem with GRE)...we translate all traffic for that IP address.

change the ACLs on the outside interface to allow GRE and TCP 1723 to hit the new public IP address for the server.

also set up a static NAT for the new public address to the private address of the server.

Try this doc:

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_configuration_example09186a00800949c0.shtml

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_configuration_example09186a00801e51e2.shtml

Actions

This Discussion