LAN Adapter IP Seen inside Remote PPTP connection on PIX
I've Created a PPTP connection from my machine at home to a PIX at the office.
On my machine at home the LAN adapter (192.168.1.99) has a WINS Server address of a Internal WINS server (10.1.0.x).
When I make a PPTP connection to the firewall, I can connect just fine to the internal servers. The Firewall gives me an address of 10.201.0.9. I can reach the machine at home form the internal Network.
Though the firewall complains that a packet from Address 192.168.1.99 (with traffic destined for 10.1.0.8) is not an IPSec Packet and is rejected. This is true and the packet should be rejected.
Though my question is, why is the Machine at home sending request from the LAN Adapter as the LAN Adapter's IP Address though the Dial-up PPTP connection?
If I remove the 10.1.0.x address from the LAN Adapter's WINS server list, the Error messages about rejected Packets Disapears.
If it has traffic destined for the 10.x.x.x network shouldn't it use the 10.201.0.9 Address and pass the request aling from there?
Re: LAN Adapter IP Seen inside Remote PPTP connection on PIX
I was facing a problem some time ago with my VPN client. If a laptop connected to the LAN at the office was brought home and used to connect to the firewall at the office via a dial up connection, no data was transfered over the dial up connection. It turned out that the problem had to do with the release of IP address and more importantly, with the way in which the traffic was being routed. (http://www.cisco.com/warp/public/471/ms_route.html). I guess this document could give you a hint about what might be happening in your network.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :