Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

PIX 501 VPN to PIX 515

I have a 515 at my main site and a 501 at a remote site. I cannot connect to main site using MS VPN (PPTP)from remote. Can someone give me some guidane in changing the 501 config. Otherare able to connect remotely to the 515 using same client and the 501 is a new install. Thanks in advance for the help.

3 REPLIES
Community Member

Re: PIX 501 VPN to PIX 515

I assume that the PPTP clients that cannot connect are residing behind the PIX-501. If yes, then open the following ports and protocols on the ACL of the PIX-501. This ACL will be applied to the outside interface of the 501.

access-list outside_acl permit udp any any eq 1723

access-list outside_acl permit gre any any

That should do it.

Community Member

Re: PIX 501 VPN to PIX 515

Will port 47 need to be allowed also? If so what commands will I need to use? Thanks for your help on this.

Community Member

Re: PIX 501 VPN to PIX 515

It is NOT port 47. It is protocol 47. The access-list is:

access-list outside_acl permit 47 any any

OR THE SAME THING CAN BE ENTERED AS:

access-list outside_acl permit gre any any

108
Views
0
Helpful
3
Replies
CreatePlease to create content