On 2821 IosFW 12.4(5a), I have:

ip inspect name Firewall pptp audit-trail on timeout 3600

ip access-list extended Acl_Inside

permit tcp host XXXX host YYYY eq 1723

permit gre host XXXX host yyyy

In audit-trail log, I have:

Mar 15 14:50:40 router 123929: 119408: Mar 15 14:50:40.319 CET: %FW-6-SESS_AUDIT_TRAIL: Stop pptp session: initiator (XXXX:1072) sent 348 bytes -- responder (YYYY:1723) sent 188 bytes

Mar 15 14:50:48 router 123939: 119418: Mar 15 14:50:48.175 CET: %FW-6-SESS_AUDIT_TRAIL: Stop pptp session: initiator (XXXX:1073) sent 404 bytes -- responder (YYYY:1723) sent 336 bytes

but user claims that its pptp session does not establish.

When I move this traffic to my old Pix 520, it works perfectly.

Is it a bug ?