10-19-2005 08:58 AM - edited 02-21-2020 02:03 PM
I have a 515 at my main site and a 501 at a remote site. I cannot connect to main site using MS VPN (PPTP)from remote. Can someone give me some guidane in changing the 501 config. Otherare able to connect remotely to the 515 using same client and the 501 is a new install. Thanks in advance for the help.
10-19-2005 09:06 AM
I assume that the PPTP clients that cannot connect are residing behind the PIX-501. If yes, then open the following ports and protocols on the ACL of the PIX-501. This ACL will be applied to the outside interface of the 501.
access-list outside_acl permit udp any any eq 1723
access-list outside_acl permit gre any any
That should do it.
10-19-2005 12:09 PM
Will port 47 need to be allowed also? If so what commands will I need to use? Thanks for your help on this.
10-19-2005 12:22 PM
It is NOT port 47. It is protocol 47. The access-list is:
access-list outside_acl permit 47 any any
OR THE SAME THING CAN BE ENTERED AS:
access-list outside_acl permit gre any any
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide