
PIX with PPTP and IPSec for RAS

ateixido
Level 1

I have problems with a PIX when I want to activate IPSec with XAUTH and I already had PPTP.

When I configure IPSec the PPTP users stop communicating with internal resources across the Internet VPN.

Any idea about that?

1 Reply

gfullage
Cisco Employee

You probably changed the nat 0 access-list to only reference the IPSec pool of addresses.

Let's say you have this:

ip local pool pptppool 10.1.1.1-10.1.1.254

ip local pool ipsecpool 10.2.2.1-10.2.2.254

and your inside network is 192.168.1.0/24. Your PIX config needs to look like this:

nat (inside) 0 access-list nonat

access-list nonat permit ip 192.168.1.0 255.255.255.0 10.1.1.0 255.255.255.0

access-list nonat permit ip 192.168.1.0 255.255.255.0 10.2.2.0 255.255.255.0

In short, make sure both your IP pools (for the PPTP and IPSec users) are included in the nat 0 access-list.
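
The check described in the reply above, as an added example that is not part of the original post or any Cisco tooling: a Python function that parses a PIX config and lists every `ip local pool` not covered by the `nat 0` access-list. The function name, the sample configs and the simplified parsing (only `permit ip <net> <mask> <net> <mask>` entries) are assumptions.

```python
import ipaddress

# Constructed sample: the nonat ACL references only the IPSec pool,
# the situation the reply suspects.
SAMPLE_BROKEN = """\
ip local pool pptppool 10.1.1.1-10.1.1.254
ip local pool ipsecpool 10.2.2.1-10.2.2.254
nat (inside) 0 access-list nonat
access-list nonat permit ip 192.168.1.0 255.255.255.0 10.2.2.0 255.255.255.0
"""
# Constructed sample: same config with the PPTP pool added, as the reply advises.
SAMPLE_FIXED = SAMPLE_BROKEN + (
    "access-list nonat permit ip 192.168.1.0 255.255.255.0 10.1.1.0 255.255.255.0\n"
)


def uncovered_pools(config, inside="192.168.1.0/24"):
    """Return names of ip local pools the nat 0 ACL does not exempt from NAT."""
    inside_net = ipaddress.ip_network(inside)
    pools, nat0_acls, entries = {}, set(), []
    for line in config.splitlines():
        tok = line.split()
        if tok[:3] == ["ip", "local", "pool"] and len(tok) == 5:
            first, _, last = tok[4].partition("-")
            pools[tok[3]] = (ipaddress.ip_address(first),
                             ipaddress.ip_address(last or first))
        elif tok[:1] == ["nat"] and len(tok) == 5 and tok[2:4] == ["0", "access-list"]:
            nat0_acls.add(tok[4])
        elif tok[:1] == ["access-list"] and len(tok) == 8 and tok[2:4] == ["permit", "ip"]:
            # Entries using "host" or "any" keywords are skipped (assumed simplification).
            src = ipaddress.ip_network(f"{tok[4]}/{tok[5]}", strict=False)
            dst = ipaddress.ip_network(f"{tok[6]}/{tok[7]}", strict=False)
            entries.append((tok[1], src, dst))
    missing = []
    for name, (first, last) in pools.items():
        # Covered when a nat 0 ACL entry spans the inside network as source
        # and both ends of the pool range as destination.
        covered = any(acl in nat0_acls and inside_net.subnet_of(src)
                      and first in dst and last in dst
                      for acl, src, dst in entries)
        if not covered:
            missing.append(name)
    return missing


if __name__ == "__main__":
    print("broken:", uncovered_pools(SAMPLE_BROKEN))
    print("fixed: ", uncovered_pools(SAMPLE_FIXED))
```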