
VPN with PIX 501

smahmud
Level 1

Help!!

I am trying to configure VPN on my PIX 501. I have no experience of the PIX and have no idea where to start!

Any help will be greatly appreciated.

Thanks

Bennie

1 Accepted Solution


access-list permit gre any any

where is the name of the access-list that you have applied inbound to your outside interface. You may have to also permit gre outbound, if you have an access-list configured inbound on your inside interface.


8 Replies

engel
Level 2

This is the best way to start configuring VPN on the PIX501

Cisco PIX Firewall and VPN Configuration Guide, Version 6.2

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_62/config/index.htm

Hope that helps,

Engel

The goalposts have moved slightly. The scenario is this:

I have a Windows 2000 server that is running as a VPN Server. I have translated the public IP address to this PC via the PIX (I have tested this and I know it is working).

I now need to enable VPN traffic to pass through the PIX when it maps to one specific IP address. I can't find the port numbers that VPN uses.

Any ideas??

Thanks

What protocol are you using? PPTP uses 1723 and the GRE Protocol.

I believe I am using PPTP. I have allowed tcp port 1723 inbound & outbound. (this is all of the security changes I have made!!)

Is there anything else I should do? The hitcnt on the access-list does increase each time I try to access the VPN Server, but the client throws up an error "721 - the remote computer did not respond".

Any thoughts?

Thanks

You may have to allow the GRE protocol through also. The following line should allow it.

Access-list # permit gre any any

Pardon my ignorance! The command you have quoted does not appear to work :( . Is there a particular syntax I should use?

Thanks again for your help on this

access-list permit gre any any

where is the name of the access-list that you have applied inbound to your outside interface. You may have to also permit gre outbound, if you have an access-list configured inbound on your inside interface.

This has worked!! Thanks for your help
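
The PPTP pass-through discussed in this thread, written out as an added PIX 6.x configuration example that is not from any poster. It scopes both rules to the one translated address instead of `any any`; the addresses 192.0.2.10 (public) and 192.168.1.10 (inside VPN server) and the ACL name `acl_out` are assumptions.

```text
: Constructed example for PIX 6.x, not taken from the thread.
: Assumed values: 192.0.2.10 = public address translated to the VPN server,
: 192.168.1.10 = the Windows 2000 PPTP server, acl_out = ACL name.

: One-to-one translation of the public address to the inside server
static (inside,outside) 192.0.2.10 192.168.1.10 netmask 255.255.255.255 0 0

: PPTP control channel (TCP 1723), limited to the server's public address
access-list acl_out permit tcp any host 192.0.2.10 eq 1723

: PPTP tunnel data (GRE, IP protocol 47), limited to the same address
access-list acl_out permit gre any host 192.0.2.10

: Apply the ACL inbound on the outside interface
access-group acl_out in interface outside

: Verify: hit counters on both lines should increase during a connection
show access-list acl_out
```

A rising hit count on the TCP 1723 line with the client still reporting error 721 is the symptom described above when the GRE line is missing.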