Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Need PPTP access from DMZ to inside using outside interface

I have a wireless access point set up on the DMZ....I also have PPTP set up to accept incoming connections on the Outside interface....I need to be able to tunnel from the DMZ to the outside IP..this does not work.....is this even posible?

4 REPLIES
Silver

Re: Need PPTP access from DMZ to inside using outside interface

you should be able to enable pptp to listen for connections on the dmz interface as well.

New Member

Re: Need PPTP access from DMZ to inside using outside interface

I don't want to tunnel into the DMZ..... I want to tunnel from the DMZ using a notebook going through the Wireless acces point to the out side interface ...this I hope will give me access to inside resources...from the DMZ

Re: Need PPTP access from DMZ to inside using outside interface

To answer your original question - No, you will not be able to create a PPTP tunnel from a device on the DMZ interface to the outside interface on the PIX. The PIX requires that packets enter an interface and exit another interface in order to pass. Same logic applies to why you cannot ping the outside interface from the client on the DMZ interface.

However, the previous poster gave you a good work-around. You can enable PPTP termination on the DMZ interface as well as on the outside interface. The clients that terminate on the DMZ interface will still be able to access internal resources.

I have never actually tried this but in theory, it should work.

Let us know if this is not clear or if you run into some problems.

Scott

New Member

Re: Need PPTP access from DMZ to inside using outside interface

This lost me.....currently..when I log into the PPTP interface...it gives me an IP out of the Inside Subnet....192.168.0.X...... If I terminate the PPTP tunnel in the DMZ will this not give an IP in the DMZ?.....192.168.1.X

We use the DMZ for Guest access at our office.....but I would like to provide secure access to the Inside resources......

239
Views
0
Helpful
4
Replies
CreatePlease to create content