office through PIX515E to remote PPTP VPN

Unanswered Question
Jul 7th, 2008
User Badges:

Hello,

I have a PIX515E which used to allow me to successfully connect to a client's VPN using Windows XP PPTP. I'm connecting successfully but the login/password stage is hanging. I've spent a couple of days on the issue and implemented various ideas including

conduit permit gre any any

conduit permit tcp host [ip] eq 1723

static(dmz,outside) [outsideIP] [dmzIP] netmask 255.255.255.255 0 0


Also I've added:

fixup protocol pptp 1723


although I've read that my version of the firmware (6.3(1)) has a bug which was fixed in a subsequent upgrade.


tnx for any advice

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
singhsaju Wed, 07/09/2008 - 11:55
User Badges:
  • Silver, 250 points or more

you mentioned that it used to allow successfully connect. So was this working before ? Also i want to confirm that this is a Pix passthrough scenario.


Check PPTP server logs .

DrSteveBrown Wed, 07/09/2008 - 12:36
User Badges:

Customer owns PPTP server and unable to rapidly help me dx problem. Yes, PIX passthrough I think (outside IP mapped to inside IP) and I also added conduit statements yesterday for good measure.


I ended up connecting successfully through my 515E both via MacOS X and an XP Pro partition on the same computer and same IP address that couldn't connect via XP home. Rather than diagnose the issue with XP/home - and I've disabled firewall, created new VPN connection configs, etc. - I'll just work within XP/Pro.


However it may be interesting for me to search XP tech forums for any issues on PPTP for home version.



DrSteveBrown Wed, 07/09/2008 - 12:41
User Badges:

singhsaju:

one other question: Perhaps I didn't set something up completely. Could you define what you're asking about this being a PIX passthrough scenario ? I had assumed that the config I noted in my post would indicate that there's a passthrough going on but since you're asking the question, then you're welcome to assume that I didn't do everything needed to make this a passthrough scenario.

Just to re-state: I'm trying to get a machine inside my company network to connect through my 515E to the Internet, to a customer's VPN which appears to be an Windows NT-type PPTP machine.

Actions

This Discussion