Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX site to site and remote access PPTP VPN issue

I have a little problem with remote access vpn using PPTP on a PIX 506E firewall. Actually i have a site-to-site vpn setup on the pix that connects to an ASA on the other side. When i tried to configure remote access PPTP vpn on the PIX, the clients can actually connect but cannot access the internal network behind the PIX. Cannot ping any machines inside, cannot access any server inside. I am attaching the PIX config, please help me out.

Regards,

Nawaz

4 REPLIES

Re: PIX site to site and remote access PPTP VPN issue

use another ip addresses for the pool.

no ip local pool pptp-pool 192.168.10.1-192.168.10.25

ip local pool pptp-pool 192.168.11.1-192.168.11.25

New Member

Re: PIX site to site and remote access PPTP VPN issue

Thanks for your prompt message alekseev. I want to ask however why should i change the address pool. Since i have used this one and have included the range in nonat. Could you please explain why i need to change these so that in the future i dont make the same mistake.

Thanks in advance.

Re: PIX site to site and remote access PPTP VPN issue

access-list NO-NAT permit ip 128.1.176.0 255.255.240.0 192.168.1.0 255.255.255.0

access-list NO-NAT permit ip 128.1.176.0 255.255.240.0 192.168.10.0 255.255.255.0

access-list NO-NAT permit ip 128.1.176.0 255.255.240.0 192.168.11.0 255.255.255.0

nat (inside) 0 access-list NO-NAT

New Member

Re: PIX site to site and remote access PPTP VPN issue

Alekseev:

this is the configuration on the PIX, the previous file was not the one running on the pix (Sorry about that). Could you please consider this one in your response.

Thanks.

Nawaz

116
Views
0
Helpful
4
Replies