Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Cisco PIX 506E PPTP access to Internet. Help Please!

Hi.

I'm fairly new to Cisco and am having some trouble configuring a Cisco PIX 506E. I would really appreciate some help.

The device is being used as the main firewall for our office and that part is working fine. It's also configured to provide PPTP connectivity/authentication for home users, and here lies the problem! The home users can connect fine, and are able to access office resources, however they cannot access the Internet. If I enable logging and try to browse to www.google.co.uk (from a PPTP client) the following entry is logged:

110001: No route to 207.46.193.254 from 172.25.101.100

I've attached a copy of the config (external IP has been changed for security reasons) and any help/advice would be very much appreciated.

Paul

3 REPLIES

Re: Cisco PIX 506E PPTP access to Internet. Help Please!

Paul, you need to PAT the VPN pool network for internet traffic.

Try this and post results

nat (oustide) 1 172.25.101.0 255.255.255.0

Rgds

Jorge

Re: Cisco PIX 506E PPTP access to Internet. Help Please!

Paul, would like to make a correction.. I did not realized you are running pix 6.x code on 506E, so my above statement does not applies becuase in 6.x code traffic comming in one interface may not go out on the same interface, from what I understand you would need to implement split tunneling but I have not seen any documentation on slpit tunnel using PPTP , you would have to run Ipsec instead and configure split tunneling for internet.

Rgds

Jorge

Community Member

Re: Cisco PIX 506E PPTP access to Internet. Help Please!

Many thanks for your help. I will have to try a VPN client with split-tunnel.

I must say that it's frustrating that something like this is not supported - you'd have thought it's a common requirement!

406
Views
5
Helpful
3
Replies
CreatePlease to create content