Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
308
Views
3
Helpful
2
Replies

inside host cannot VPN to PPTP server

Go to solution
scott.bridges
Level 1
Level 1

‎06-02-2009 04:50 PM - edited ‎03-11-2019 08:39 AM

ASA 5505

|

3750 switch

|

Windows XP host

Above is a very rough layout. There is no entry that I see that limits outbound traffic.

VPN server is a Windows server. The server and account is setup correctly as I just tested it out at my apartment and connected fine. Not to mention the server is hosting numerous other PPTP clients with the same config.

When I setup the standard Windows VPN connection on the XP machine in the office and hit Connect, it sees the server and gets to "Authenticating" then eventually times out. I forget the exact number of the error code, but it's the one that is "Remote peer has timed out"

So could anything in the ASA be blocking PPTP outgoing traffic by default? Any tips on troubleshooting this?

The server admin seems to think that since I cannot ping the outside (ex: ping www.google.com) and get replies, he thinks that is the problem. To me, PPTP and ICMP have nothing to do with eachother.

Please, any help would be appreciated.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee

‎06-02-2009 05:47 PM

Since this is ASA5505 it has to run 7.x or above. Pls. refer this link below.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094a5a.shtml#new

Add inspect pptp

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee

‎06-02-2009 05:47 PM

Since this is ASA5505 it has to run 7.x or above. Pls. refer this link below.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094a5a.shtml#new

Add inspect pptp

0 Helpful

Go to solution
bmcginn
Level 3
Level 3

‎06-02-2009 05:50 PM

Hi Scott,

Here's a page which may help a bit.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094a5a.shtml#maintask1

Some troubleshooting things that may help are:

capture interface outside

show capture

Ensure the logging on the device is verbose enough:

logging buffer 10240 <1 - 7>

turn on logging:

logging on

This is a good page for help in debugging NAT too:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807ea936.shtml

Good luck with it!

Brad

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card