Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA firewall can't be used as a PPTP VPN endpoint?

I was hoping to replace an aging PIX running 6.3 with a new ASA 5505 running 8.0

However, the PIX is currently used as a PPTP VPN endpoint for a number of MS-WinXP dialin clients on the outside. After a bit of research, it seems that the ASAs don't support PPTP tunnels? I was hoping for a real simple setup but now it looks like I need to do L2TP and a more complicated IPSEC setup.

Anyway...my question is: why did the ASA drop PPTP support? Is it significantly less secure? Are there any good examples for the "new" dialin VPN configs? (everything I google for seems to assume a PIX 6.x)

I'd like to see an example with the "tunnel-group" and "group-policy" commands...anyone have one?

1 REPLY
New Member

Re: ASA firewall can't be used as a PPTP VPN endpoint?

Hi Thomas,

I am not sure why they have discontinued the use of pptp in ver 7. 0 upwards .

But here is a link with l2tp with preshared keys :

http://www.ciscosystems.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807213a7.shtml

and also link with certificates :

http://www.ciscosystems.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800942ad.shtml

Raj

424
Views
8
Helpful
1
Replies
CreatePlease to create content