Hello, I want to confirm that it is not possible (with the default config) to get inside clients (static and natted) to make a PPTP connection through the PIX? Is this correct?
I know that 6.3.1 supports the pptp fixup prot, but I am very hesitant on upgrading the IOS so soon after 6.3's release. What can I do to get my inside clients to be able to PPTP through the PIX? I can give them static IPS if necessary.
Internal hosts with a one-to-one static translation will be able to PPTP out through the PIX, only PAT'd hosts will have the problem. You will need to allow GRE into these hosts with an access-list, since the PIX won't open up a hole for this since it isn't a TCP/UDP protocol. Something like:
> access-list inbound permit gre any host
> access-group inbound in interface outside
The PPTP (TCP 1723) packets will automatically be allowed back in, so just the static and the GRE ACL is all that's needed.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...