01-16-2006 07:43 AM - edited 02-21-2020 12:38 AM
Please,
How could I enable pptp through pix, without problems, time outs, warnings, etc..
The client VPN is in the inside and the server is in the outside.
fixup ?
access list ?
static ?
??
To reach the outside there are two firewalls pix.
Thanks.
01-16-2006 07:58 AM
helllo
Refer to the following URL:
you need to open TCP 1723, GRE and do a fixup for PPTP ... this will enable communication from inside to a PPTP server on the outside
Hope this helps... all the best..
Raj
01-16-2006 08:23 AM
Please, could you send the command lines?.
I already have the fixup, nat, and global.
But, which access lists?, only to the outside, to the inside?, If i have the fixup.... i have to open gre too?.
Thanks.
01-16-2006 10:14 AM
Is there any problem when configuring FIXUP PROTOCOL PPTP 1723 ?
thks.
01-19-2006 06:17 AM
To allow for users inside your network to access a vpn connection outside your network, you just need:
fixup protocol pptp 1723
To allow users from outside your network to access a vpn inside your network you will need to do a static and 2 access-list:
static (inside, outside) x.x.x.x y.y.y.y netmask 255.255.255.255 0 0
x.x.x.x=outside ip
y.y.y.y=inside ip
access-list 101 permit tcp any host x.x.x.x eq pptp
access-list 101 permit gre any host x.x.x.x
access-group 101 in interface outside
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide