Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

basic pptp 501 6.3

I am attempting to permit a "inside" user who is assigned IP to PPTP to an outside vendor's web server.

can I use "sysopt connection permit-pptp" by itself, or can I use "fixup on port 1723"?

thank you,

wr t

Building configuration...

: Saved

PIX Version 6.3(5)

interface ethernet0 auto

interface ethernet1 100full

nameif ethernet0 outside security0

nameif ethernet1 inside security100

enable password encrypted

passwd encrypted

hostname MJSFW


fixup protocol dns maximum-length 512

fixup protocol ftp 21

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol http 80

fixup protocol rsh 514

fixup protocol rtsp 554

fixup protocol sip 5060

fixup protocol sip udp 5060

fixup protocol skinny 2000

fixup protocol smtp 25

fixup protocol sqlnet 1521

fixup protocol tftp 69


access-list outside_access_in permit tcp any any eq 3389

pager lines 24

icmp deny any outside

mtu outside 1500

mtu inside 1500

ip address outside "outside ip"

ip address inside

ip audit info action alarm

ip audit attack action alarm

pdm history enable

arp timeout 14400

global (outside) 10 interface

nat (inside) 10 0 0

static (inside,outside) tcp "outside ip" 3389 3389 netmask 0 0

access-group outside_access_in in interface outside

route outside "outside gateway" 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00

timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout sip-disconnect 0:02:00 sip-invite 0:03:00

timeout uauth 0:05:00 absolute

no snmp-server location

no snmp-server contact

snmp-server community warn1ng

no snmp-server enable traps

floodguard enable

sysopt noproxyarp inside

telnet inside

telnet timeout 5

ssh timeout 5

console timeout 0

terminal width 80


: end




Accepted Solutions
Cisco Employee

Re: basic pptp 501 6.3

fixup protocol pptp 1723

Cisco Employee

Re: basic pptp 501 6.3

fixup protocol pptp 1723

New Member

Re: basic pptp 501 6.3

got it, thank you!