Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Pix 515-e and PPTP VPN

Client has Pix 515-e with multiple static NAT entries setup.  One static NAT does to one division of the company, a second to a different.  The first one will allow PPTP connections just fine to a 2003 RRAS server.  The second has an XP box with dial in setup but cannot get it to allow PPTP into it.

I have setup rules on the firewall to allow the PPTP traffic but it doesn't work.  I know traffic is going there though becuase I setup an RDP rule and that works just fine.

Any ideas on what I could be missing?

Thanks!

3 REPLIES

Re: Pix 515-e and PPTP VPN

Hi,

To allow PPTP connections to the internal server you need the static NAT and the ACL permitting TCP 1723 and GRE to the NAT IP.

Do you have the ACL in place and if so, is it getting hitcounts? (sh access-list)

Federico.

New Member

Re: Pix 515-e and PPTP VPN

I do not have the ACL here.

Re: Pix 515-e and PPTP VPN

Daniel,

What I'm saying is that if you have a PPTP server behind the PIX, in order to access that server from the outside you need an ACL (besides the static NAT).

Federico.

479
Views
0
Helpful
3
Replies
CreatePlease to create content