PPTP through PIX 6.3

ppaulet · ‎01-16-2006

Please,

How could I enable pptp through pix, without problems, time outs, warnings, etc..

The client VPN is in the inside and the server is in the outside.

fixup ?

access list ?

static ?

??

To reach the outside there are two firewalls pix.

Thanks.

sachinraja · ‎01-16-2006

helllo

Refer to the following URL:

you need to open TCP 1723, GRE and do a fixup for PPTP ... this will enable communication from inside to a PPTP server on the outside

Hope this helps... all the best..

Raj

ppaulet · ‎01-16-2006

Please, could you send the command lines?.

I already have the fixup, nat, and global.

But, which access lists?, only to the outside, to the inside?, If i have the fixup.... i have to open gre too?.

Thanks.

ppaulet · ‎01-16-2006

Is there any problem when configuring FIXUP PROTOCOL PPTP 1723 ?

thks.

d-roush · ‎01-19-2006

To allow for users inside your network to access a vpn connection outside your network, you just need:

fixup protocol pptp 1723

To allow users from outside your network to access a vpn inside your network you will need to do a static and 2 access-list:

static (inside, outside) x.x.x.x y.y.y.y netmask 255.255.255.255 0 0

x.x.x.x=outside ip

y.y.y.y=inside ip

access-list 101 permit tcp any host x.x.x.x eq pptp

access-list 101 permit gre any host x.x.x.x

access-group 101 in interface outside