cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
485
Views
0
Helpful
2
Replies

PPTP VPN works on PAT or NAT? Please help..

bhupeshg
Level 1
Level 1

I have a pptp based vpn connection with client. While allowing the traffic towards internet for vpn connection, there are 2 ASA configured with PAT. I configured an IP base ACL from client to PPTP server. Initially the connection is establishing but after some time it get drops. Please suggest if it is because of the PAT, which is configured on the ASA. As per my knowledge PPTP vpn works on static nat.

Your suggestion on this will be appreciable.

2 Replies 2

JORGE RODRIGUEZ
Level 10
Level 10

Hi,

Im sure you have come across this link bellow, if not PLS take a look at it to understand PPTP and GRE in PIX/ASA/FWSM.

In essence you will need a one-to-one NAT address translation. I have tested this many times using PAT in both PIX 6.x and ASA 7.x.

PPTP will work with PAT only if you have a single PPTP client in your network connecting to a PPTP server on the outside using PAT as long you have fixup protocol pptp 1723 for code 6.x and pptp inspection for code 7.x in your global policy. So..if only one source in your LAN is using PPTP you are fine, if more than one user needs to PPTP you will then need a one to one NAT.

But you have indicated that pptp connection is stablished and after a while it drops, I would suggest to look into some logs at both ends to determined what is causing the drop.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094a5a.shtml

Regards

Jorge Rodriguez

please try by using one-to-one static NAT

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: