Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

PPTP and GRE pass-through in Cisco 1710 and PIX

I have a windows 2003 PPTP server working well in my LAN, users from the LAN are able to connect to the PPTP server using windows PPTP client.

My access router is a cisco 1710 router (IOS version 12.3) with NAT enabled, I configured PAT on port 1723 so that users from outside the network connect to the PPTP server, but this is not working, I always have error 721 on windows PPTP client.

Previously, I had a cisco 2600, with PPTP enable, it was working fine; but it is no longer working since I changed the access router to cisco 1710 (or PIX506 with IOS version 6.3).

AFter checking over internet, I found that it is related to GRE pass-through issues, I would like to know how to enable GRE pass-through in cisco 1710 (and PIX with IOS version 6.3), otherwise do you have another solution.

Attached is a copy of the configuration.

5 REPLIES
New Member

Re: PPTP and GRE pass-through in Cisco 1710 and PIX

Hi,

I couldn't make GRE pass-through with PAT running on 1712, but PIX 506 can do this if you configure fixup for PPTP protocol.

//Mikhail Galiulin

New Member

Re: PPTP and GRE pass-through in Cisco 1710 and PIX

Try to configure the below configuration, it should work,

ip nat inside source static gre 192.168.25.70 1723 interface Ethernet0 1723

ip nat inside source static tcp 192.168.25.70 1723 interface Ethernet0 1723

Rate the post if helpfull.

Regards,

Suresh Jain

New Member

Re: PPTP and GRE pass-through in Cisco 1710 and PIX

Hello,

I configure as you said, but it did not work.

Look below the option of the command:

(config)#ip nat inside source static ?

A.B.C.D Inside local IP address

esp IPSec-ESP (Tunnel mode) support

network Subnet translation

tcp Transmission Control Protocol

udp User Datagram Protocol

No occurence of GRE protocol.

my router IOS is Version 12.3(11)T.

Looking forward hearing from you.

New Member

Re: PPTP and GRE pass-through in Cisco 1710 and PIX

Can you try to do in this way, this should work,

what we are trying to do in the below config is, we are permiting the PPTP traffic in access-list but in nat command.

ip nat inside source access-list 101 interface ethernet0

access-list 101 permit gre 192.168.25.70 1723 interface Ethernet0 1723

access-list 101 permit tcp 192.168.25.70 1723 interface Ethernet0 1723

Hope that helps,

Regards,

Suresh Jain

New Member

Re: PPTP and GRE pass-through in Cisco 1710 and PIX

Hello,

I tried what you said, but my IOS version doesn't allow me to write access-list with GRE protocol in port based, with destination on the interface :

here is what I enter in my router :

ip nat inside source access-list 101 interface ethernet0

access-list 101 permit gre 192.168.25.70 any

access-list 101 permit tcp 192.168.25.70 any eq 1723

Unfortunately, this does not solve my problem, I am still waiting for a solution.

Thanks in advance for your help.

2205
Views
0
Helpful
5
Replies
CreatePlease to create content