Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
314
Views
0
Helpful
3
Replies

PIX 501 VPN to PIX 515

rpridgen
Level 1
Level 1

‎10-19-2005 08:58 AM - edited ‎02-21-2020 02:03 PM

I have a 515 at my main site and a 501 at a remote site. I cannot connect to main site using MS VPN (PPTP)from remote. Can someone give me some guidane in changing the 501 config. Otherare able to connect remotely to the 515 using same client and the 501 is a new install. Thanks in advance for the help.

Labels:
0 Helpful
3 Replies 3

pkapoor
Level 3
Level 3

‎10-19-2005 09:06 AM

I assume that the PPTP clients that cannot connect are residing behind the PIX-501. If yes, then open the following ports and protocols on the ACL of the PIX-501. This ACL will be applied to the outside interface of the 501.

access-list outside_acl permit udp any any eq 1723

access-list outside_acl permit gre any any

That should do it.

0 Helpful

rpridgen
Level 1
Level 1
In response to pkapoor

‎10-19-2005 12:09 PM

Will port 47 need to be allowed also? If so what commands will I need to use? Thanks for your help on this.

0 Helpful

pkapoor
Level 3
Level 3
In response to rpridgen

‎10-19-2005 12:22 PM

It is NOT port 47. It is protocol 47. The access-list is:

access-list outside_acl permit 47 any any

OR THE SAME THING CAN BE ENTERED AS:

access-list outside_acl permit gre any any

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents