Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Pix 501 with PPTP

Hello Everyone,

I am having touble with configuring PPTP to work with the PIX 501. I have 5 global static addresses and am using one for pat for the internal network and one for pptp traffic.

I have created a static map for the PPTP on the pix

static (inside, outside) 155.22.31.1 10.0.0.1 netmask 255.255.255.255

This is not the actual global address just made one up. I then wrote this into my config.

ip local pool my-addr-pool 10.0.0.15-10.0.0.110

vpdn group 1 accept dialin pptp

vpdn group 1 client configuration address local my-addr-pool

vpdn enable outside

access-list acl_out permit tcp any host 155.22.31.1 eq telnet

access-group acl_out in interface outside

I created this access-list alone as well as with the one above also.. but it did not work

access-list acl_out permit tcp any host 155.22.31.1 eq 1723

access-group acl_out in interface outside

any adivice? or can anyone point me to a location where can find info on doing this?

Thanks in advance

Bill

1 REPLY
New Member

Re: Pix 501 with PPTP

HI.

PPTP VPN to the pix is using the pix own outside interface ip address, as defined in

ip address outside X.X.X.X

You can find more info in:

http://www.cisco.com/warp/public/471/top_issues/vpn/pixvpn_index.shtml

http://www.cisco.com/warp/public/110/pix_command_ref.shtml

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/

And you can use pixcript - a free GUI utility, that will generate a sample config for VPDN:

http://teachers.sivan.co.il/yizhar#pixcript

Bye

158
Views
0
Helpful
1
Replies