06-06-2002 08:02 AM - edited 02-20-2020 10:05 PM
We have had PPTP working for several months on a PIX 515 pair up until last Wednesday. Since that time no one has been able to connect via PPTP. Cisco VPN 3.x clients are working OK. As far as I can see, no changes have been made to the PIX config in the last few months that would cause this. Our PPTP config is below:
ip local pool pptppool 10.0.253.1-10.0.253.254
sysopt connection permit-pptp
vpdn group 1 accept dialin pptp
vpdn group 1 ppp authentication pap
vpdn group 1 ppp authentication chap
vpdn group 1 ppp authentication mschap
vpdn group 1 ppp encryption mppe 40
vpdn group 1 client configuration address local pptppool
vpdn group 1 client configuration wins x.x.x.x y.y.y.y
vpdn group 1 pptp echo 60
vpdn group 1 client authentication local
vpdn username aaaa password ****
vpdn username DOMAIN1\aaaa password ****
vpdn enable outside
06-10-2002 01:01 AM
Try enabling debugs as described in :
http://www.cisco.com/warp/customer/110/pptppix.html
and see / compare where things are failing with your setup.
06-10-2002 04:41 AM
We did enable debugs but were unable to see anything when monitoring a telnet session. We finally did a failover to our secondary, re-booted the primary, then did a fail back to the primary; after this, PPTP worked fine on the primary. What would cause the PIX to stop passing PPTP? No changes were made to the config.
06-12-2002 02:57 AM
SSH, PPTP debugs only show up on serial console. Unsure why it did not work until you had to do a failover. If you can reproduce this, then contact TAC.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide