Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1113
Views
0
Helpful
2
Replies

PPTP from inside PIX 506

adrian.h
Level 1
Level 1

‎03-21-2002 07:21 AM - edited ‎02-20-2020 10:00 PM

I have had a problem trying to establish an outbound PPTP session from inside our PIX 506. I have had this with version 5.x and 6.1 now. I have tried it using PAT and now with a total NAT setup

I can never do a tunnel through a PIX. I can do this through MS's NAT, 3com, and Linksys Firewalls, but not the PIX. What is the trick to setting this up?

0 Helpful
2 Replies 2

exigent
Level 1
Level 1

‎03-23-2002 10:36 PM

Create a NAT static mapping between an available public IP and a private IP (you cannot use PAT wtih Cisco). Then, do an access-list to permit GRE. You do not need one for 1723. Here is an example:

static (inside, outside) 15.1.1.1 192.168.1.1 netmask 255.255.255.255

access-list out permit gre any host 15.1.1.1

access-group in in interface outside

15.1.1.1=outside available public IP

192.168.1.1=inside host that wants to do PPTP

Hope this helps.

Sincerely,

Alex

0 Helpful

srittenberg
Level 1
Level 1

‎03-23-2002 11:19 PM

Cisco website has the config example for this. it's under "configuring the PIX filewall and vpn clients using pptp;mppe and ipsec"

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card