PIX site to site and remote access PPTP VPN issue

Unanswered Question
Jul 26th, 2008
User Badges:

I have a little problem with remote access vpn using PPTP on a PIX 506E firewall. Actually i have a site-to-site vpn setup on the pix that connects to an ASA on the other side. When i tried to configure remote access PPTP vpn on the PIX, the clients can actually connect but cannot access the internal network behind the PIX. Cannot ping any machines inside, cannot access any server inside. I am attaching the PIX config, please help me out.

Regards,

Nawaz



Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
a.alekseev Sat, 07/26/2008 - 13:14
User Badges:
  • Gold, 750 points or more

use another ip addresses for the pool.

no ip local pool pptp-pool 192.168.10.1-192.168.10.25

ip local pool pptp-pool 192.168.11.1-192.168.11.25

snahosany Sun, 07/27/2008 - 00:20
User Badges:

Thanks for your prompt message alekseev. I want to ask however why should i change the address pool. Since i have used this one and have included the range in nonat. Could you please explain why i need to change these so that in the future i dont make the same mistake.

Thanks in advance.

a.alekseev Sat, 07/26/2008 - 13:17
User Badges:
  • Gold, 750 points or more

access-list NO-NAT permit ip 128.1.176.0 255.255.240.0 192.168.1.0 255.255.255.0

access-list NO-NAT permit ip 128.1.176.0 255.255.240.0 192.168.10.0 255.255.255.0

access-list NO-NAT permit ip 128.1.176.0 255.255.240.0 192.168.11.0 255.255.255.0

nat (inside) 0 access-list NO-NAT


snahosany Sun, 07/27/2008 - 00:28
User Badges:

Alekseev:

this is the configuration on the PIX, the previous file was not the one running on the pix (Sorry about that). Could you please consider this one in your response.

Thanks.

Nawaz



Attachment: 

Actions

This Discussion