Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
285
Views
0
Helpful
2
Replies

vpn

oevans
Level 1
Level 1

‎04-28-2003 11:33 AM - edited ‎02-21-2020 12:30 PM

This connection was working before and just now I get this error. Does anyone have any ideas. This is a user trying to access and external vpn server.

Thanks

regular translation creation failed for protocol 47 src inside:192.168.100.171 dst outside:102.106.100.200

Labels:
0 Helpful
2 Replies 2

gfullage
Cisco Employee
Cisco Employee

‎04-28-2003 04:42 PM

Protocol 47 is GRE which is used in PPTP VPN connections. If this inside user has a static one-to-one translation then this will work, but if this user is being PAT'd as they go out you need to be running 6.3 code on the PIX for this to work (and enable the PPTP fixup).

"Regular translation creation failed" means an outbound packet was denied because the nat translation through the PIX didn't work. The PIX needs to NAT every outbound packet in some way, and if it can't you'll get this error. You need to look at either the static or the nat/global pair for this IP address pair and see what's going on.

Also, the PIX won't open a hole for GRE packets to come back in, so you need to have an ACL on the outside that allows GRE back in.

0 Helpful

molinek
Level 1
Level 1
In response to gfullage

‎05-04-2003 08:26 PM

Could you please point me to some configs that have PPTP VPN connections enabled to the outside interface using 6.3 code?

Thanks!

Kevin

0 Helpful
Customers Also Viewed These Support Documents