Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

allowing pptp through firewall

Hi all can anyone tell me what ports I need to allow for someone inside my network to vpn outbound to another location using pptp windows vpn.

cheers

Carl

2 REPLIES
New Member

Re: allowing pptp through firewall

Hi Carl

This document explains exactly how to enable PPTP VPNs to traverse a pix/asa:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094a5a.shtml

Nutshell: If your firewall is not pptp aware (i.e. like pix with pre 6.2 software) you need to set up a 1 to 1 static NAT (PAT won't work) from your inside host to a public address and allow GRE (IP protocol 47) inbound as well as PPTP (TCP port 1723) outbound on your firewall.

If you have a pix etc with post 6.2 s/w, then "fixup protocol pptp" should work.

HTH

Kev

New Member

Re: allowing pptp through firewall

do I still need to do this even if I am the client, I need to connect outside my company to a pptp server hosted outside.

do i still need to use nat? if I dont have fixup?

what is fixup used for ?

447
Views
0
Helpful
2
Replies
CreatePlease to create content