Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN with PIX 501

Help!!

I am trying to configure VPN on my PIX 501. I have no experience of the PIX and have no idea where to start!

Any help will be greatly appreciated.

Thanks

Bennie

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: VPN with PIX 501

access-list permit gre any any

where is the name of the access-list that you have applied inbound to your outside interface. You may have to also permit gre outbound, if you have an access-list configured inbound on your inside interface.

8 REPLIES
New Member

Re: VPN with PIX 501

This is the best way to start configuring VPN on the PIX501

Cisco PIX Firewall and VPN Configuration Guide, Version 6.2

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_62/config/index.htm

Hope that helps,

Engel

New Member

Re: VPN with PIX 501

The goalposts have moved slightly. The scenarion is this:

I have a Windows 2000 server that is running as a VPN Server. I have translated the public IP address to this PC via the PIX(I have tested this and I know it is working)

I know need to enable VPN traffic to pass through the PIX when it maps to one specific IP address. i cant find the port numbers that VPN uses

Any ideas??

Thanks

New Member

Re: VPN with PIX 501

What protocol are you using? PPTP uses 1723 and the GRE Protocol.

New Member

Re: VPN with PIX 501

I believe I am using PPTP. I have allowed tcp port 1723 inbound & outbound. (this is all of the security changes I have made!!)

Is there anything else I should do? The hitcnt on the accesslist does increase each time I try and access the VPN Server, but the client throws up an error "721 - the remote computer did not respond"

Any thoughts?

Thanks

New Member

Re: VPN with PIX 501

you may have to allow the GRE protocol through also. The following line should allow it.

Access-list # permint gre any any

New Member

Re: VPN with PIX 501

Pardon my ignorance! The command you have quoted does not appear to work :( . Is there a particular syntax I should use?

Thanks again for your help on this

New Member

Re: VPN with PIX 501

access-list permit gre any any

where is the name of the access-list that you have applied inbound to your outside interface. You may have to also permit gre outbound, if you have an access-list configured inbound on your inside interface.

New Member

Re: VPN with PIX 501

This has worked!! Thanks for your help

264
Views
0
Helpful
8
Replies
CreatePlease login to create content