Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PPTP dial-in is not properly inspected by ZBF

Hi,

I have a PPTP dialin to a router, the vitual templace is places in zone_A

The clients can dialin fine and reach any host on the local net in the same security zone_A as they are.

But they can't reach clients on other zones (says zone_B) they should have access to.

When on the wired zone_A LAN direclty, then they can reach zone_B without problem.

When trying to analyze the issue, I can see that the fwd packets (zone_A pptp client -> zone_B server) go though just fine (they reach zone_B), but the return packet don't because it seems the router never created a session (show policy-firewall sesssions doesn't show anything)

Cheers,

    Sylvain

1 REPLY
New Member

PPTP dial-in is not properly inspected by ZBF

Ok, if I disable CEF in the virtual template, I can now see the session in "show policy-firewall sesssion", but the return packets still don't make it through to me ...

245
Views
0
Helpful
1
Replies