Re: Pix VPN and Microsoft IAS

pnivens · ‎01-17-2002

I have configured a Pix 515 for VPN access with authentication though Microsoft IAS on a Win2K server located on the "inside" of the Pix. I can connect, receive an IP from the Pix, and am authenticated on the Win2K IAS/domain controller server and can ping everything and telnet to my UNIX box. The problem is that I can't access any of my Win2k shares. Is this due to the access-list (access-list 101 permit ip .......)? Is Win2k trying to pass info back on a different protocol that I am not opening? Help!

pnivens · ‎01-18-2002

I solved part of the problem by adding a DNS entry into the Pix config. This allows me to "net view \\servername" but I am still having trouble graphically browsing the network on the Win2K client. I found earlier postings involving WINS, but I would prefer not to use WINS. Any help would be appreciated.

exigent · ‎01-21-2002

Did you use a certain Cisco doc? I could really use it. I need to do this for a few clients. Could you point me in the right direction?

pnivens · ‎01-22-2002

The most helpful doc that I found is at www.cisco.com/warp/public/110/pptppix.html. I did have to add the vpdn group 1 client authentication dns XXX.XXX.XXX.XXX command, as mentioned above, that was not in this doc. Good Luck.

exigent · ‎01-22-2002

Can you repost that link? It didn't work.

pnivens · ‎01-23-2002

www.cisco.com/warp/public/110/pptppix.html

It picked up the period, from the sentence, in the link above. Good luck.