cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
509
Views
5
Helpful
3
Replies

PPTP and Cisco VPN client on same PIX 515e?

pizzov
Level 1
Level 1

I've only setup Cisco VPN remote client access on PIX 515e's...and am just wondering if you are also able to setup windows PPTP on the same PIX 515e that is setup for Cisco VPN client access? thanks!

3 Replies 3

JORGE RODRIGUEZ
Level 10
Level 10

Vince,

Unfortunately PIX does not terminate PPTP like it does with Cisco VPN concentrators, however, L2TP over Ipsec is supportted where you can still use the Macrosoft PPTP vpn client, personally I have not implemented L2TP as we have VPN concentrators for both Cisco VPN client users and Microsoft PPTP clients but if you read the bellow links you can implement L2TP over Ipsec. PIX/ASA will be configured for L2TP for remote access, your PPTP clients can use the native VPN client which will be specified in PPTP properties indicated by type of VPN L2TP over Ipsec

Configuring L2TP over Ipsec ( Code 7.x-8.x )

http://www.cisco.com/en/US/docs/security/asa/asa72/asdm52/selected_procedures/asdml2tp.html

Same as above using code 6.x

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800942ad.shtml

Rgds

Jorge

Jorge Rodriguez

sarat1317
Level 1
Level 1

PIX does support MS PPTP VPN. I have a pix configured for that.

I dont see any issue if we can implement along with VPN client. I just tried configuring VPN client yesterday on the pix which I already have PPTP and did not work. But I believe that is something to do with my encryption and auth settings which I see from the debug messages. I am still working on it.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080143a5d.shtml

ip local pool vpn-clients 192.168.1.10-192.168.1.50

access-list inside_nonat_outbound permit ip 10.10.10.0 255.255.255.0 192.168.1.0 255.255.255.0

sysopt connection permit-pptp

vpdn group 1 accept dialin pptp

vpdn group 1 ppp authentication pap

vpdn group 1 ppp authentication chap

vpdn group 1 ppp authentication mschap

vpdn group 1 ppp encryption mppe auto

vpdn group 1 client configuration address local vpn-clients

vpdn group 1 client configuration dns x.x.x.x

vpdn group 1 pptp echo 300

vpdn group 1 client authentication local

vpdn username cisco password ciscotac

vpdn enable outside

I am running 6.3(5) version and I think ASA does not support PPTP.

Please rate if that helps

Thanks

Sarat

Hello,

7.x and later don't support PPTP. 6.3(5) does :)

Gr,

Dennis

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: