Cisco PIX 506E PPTP access to Internet. Help Please!

Unanswered Question
Apr 21st, 2008


I'm fairly new to Cisco and am having some trouble configuring a Cisco PIX 506E. I would really appreciate some help.

The device is being used as the main firewall for our office and that part is working fine. It's also configured to provide PPTP connectivity/authentication for home users, and here lies the problem! The home users can connect fine, and are able to access office resources, however they cannot access the Internet. If I enable logging and try to browse to (from a PPTP client) the following entry is logged:

110001: No route to from

I've attached a copy of the config (external IP has been changed for security reasons) and any help/advice would be very much appreciated.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
JORGE RODRIGUEZ Mon, 04/21/2008 - 20:19

Paul, you need to PAT the VPN pool network for internet traffic.

Try this and post results

nat (oustide) 1



JORGE RODRIGUEZ Tue, 04/22/2008 - 06:10

Paul, would like to make a correction.. I did not realized you are running pix 6.x code on 506E, so my above statement does not applies becuase in 6.x code traffic comming in one interface may not go out on the same interface, from what I understand you would need to implement split tunneling but I have not seen any documentation on slpit tunnel using PPTP , you would have to run Ipsec instead and configure split tunneling for internet.



P-A-Swindon Tue, 04/22/2008 - 06:19

Many thanks for your help. I will have to try a VPN client with split-tunnel.

I must say that it's frustrating that something like this is not supported - you'd have thought it's a common requirement!


This Discussion