06-06-2002 08:02 AM - edited 02-20-2020 10:05 PM
We have had PPTP working for several months on a PIX 515 pair up until last Wednesday. Since that time no one has been able to connect via PPTP. Cisco VPN 3.x clients are working OK. As far as I can see, no changes have been made to the PIX config in the last few months that would cause this. Our PPTP config is below:
ip local pool pptppool 10.0.253.1-10.0.253.254
sysopt connection permit-pptp
vpdn group 1 accept dialin pptp
vpdn group 1 ppp authentication pap
vpdn group 1 ppp authentication chap
vpdn group 1 ppp authentication mschap
vpdn group 1 ppp encryption mppe 40
vpdn group 1 client configuration address local pptppool
vpdn group 1 client configuration wins x.x.x.x y.y.y.y
vpdn group 1 pptp echo 60
vpdn group 1 client authentication local
vpdn username aaaa password ****
vpdn username DOMAIN1\aaaa password ****
vpdn enable outside
06-10-2002 01:01 AM
Try enabling debugs as described in :
http://www.cisco.com/warp/customer/110/pptppix.html
and see / compare where things are failing with your setup.
06-10-2002 04:41 AM
We did enable debugs but were unable to see anything when monitoring a telnet session. We finally did a failover to our secondary, re-booted the primary, then did a fail back to the primary; after this, PPTP worked fine on the primary. What would cause the PIX to stop passing PPTP? No changes were made to the config.
06-12-2002 02:57 AM
SSH, PPTP debugs only show up on serial console. Unsure why it did not work until you had to do a failover. If you can reproduce this, then contact TAC.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: