Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Allow PPTP to pass through a Cisco ASA device

I have Cisco ASA and ISA 2004 server.

I want to use the ISA as VPN server. Thus, I need the ASA to allow the

PPTP VPN traffic through to the ISA Server so that it can authenticate.

Can anyone help me how to configure.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Allow PPTP to pass through a Cisco ASA device

Only tcp .. If you have an access-list applied to the inside interface .. then you might need to add

access-list extended permit gre host any

3 REPLIES

Re: Allow PPTP to pass through a Cisco ASA device

HI .. I believe you only need to allow GRE and PPTP on your access-lists

1.- Configure a static for your ISA box

2.- allow GRE and PPTP to that Public IP address i.e

quote

"In this configuration example, the PPTP server is 209.165.201.5 (static to 10.48.66.106 inside), and the PPTP client is at 209.165.201.25.

access-list acl-out permit gre host 209.165.201.25 host 209.165.201.5

access-list acl-out permit tcp host 209.165.201.25 host 209.165.201.5 eq 1723

static (inside,outside) 209.165.201.5 10.48.66.106 netmask 255.255.255.255 0 0

access-group acl-out in interface outside "

I hope it helps .. please rate it if it does !!

New Member

Re: Allow PPTP to pass through a Cisco ASA device

do we have to allow tcp only or even udp along with tcp in access-list entry

Re: Allow PPTP to pass through a Cisco ASA device

Only tcp .. If you have an access-list applied to the inside interface .. then you might need to add

access-list extended permit gre host any

3935
Views
0
Helpful
3
Replies