I'm used to IPSEC and have never setup a GRE/PPTP with a Cisco ASA before. The customer are using Outlook sync on their mobile and some are using Microsoft VPN client to reach the internal network from the outside. We are replacing an old Linux based firewall that is configured with PPTP/GRE. The following example is from Cisco and is named Permitting PPTP/L2TP Connections Through the PIX/ASA
Permitting PPTP/L2TP Connections Through the PIX/ASA
Document ID: 18806
Commands to Add for Versions 7.x and 8.0 using inspection
Complete these steps to add commands for versions 7.x and 8.0 using the inspect command:
Add PPTP inspection to the default policy-map using the default class-map.
You do not need to define a static mapping because the PIX now inspects PPTP traffic. You can use PAT.
pixfirewall(config)#access-group acl-out in interface outside
We have a 255.255.255.252 subnet from our ISP and have one available public IP adress on the outside. That means that we have to use NAT/PAT between the outside and inside interface. The example mentions that when you enable inspect pptp you don't need to define a static mapping and PAT can be used. I'm confused! Is this all that is neccessary when you enable inspect pptp?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...