Hi All, pulling my hair out on this one... We have an internal PPTP server that works fine when I access it via internal subnet. However, I cannot get access from an external IP via our ASA 5505. I've tried enabling/disabling PPTP Fixup as well as many different config changes, but it will not work. I even upgraded from 8.4.5 to 9.1.4. I also called the PPTP server vendor and they said that there's nothing special needed for their pptp server so I'm stumped. Debug doesn't show anything too descriptive. The last line says teardown GRE connection and then the windows vpn client says it could not connect.
The pertinent current config is below, am I missing anything obvious? Thanks!
Hi Karsten, I considered using the ASA to teminate VPN, but the person requesting this is doing a special project that involves a Tripp Lite Console server, which includes a pptp vpn server. I'll ask if we can instead terminate vpn access at ASA. Also, I somehow left that info out while cleaning the config. I have a few other ports open to this console server that can be closed if the vpn worked. Thanks! >
EDIT: Karsten, as an update, I tried removing the current NAT and tried your suggestion, but no luck and it actually broke https access to the internal server so I put it back the way it was. I also noticed this in the config >
Warning: All traffic destined to the ip address of the inside interface is being redirected
Warning: Users may not be able to access any service enabled on the inside interface
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :