I have a pptp based vpn connection with client. While allowing the traffic towards internet for vpn connection, there are 2 ASA configured with PAT. I configured an IP base ACL from client to PPTP server. Initially the connection is establishing but after some time it get drops. Please suggest if it is because of the PAT, which is configured on the ASA. As per my knowledge PPTP vpn works on static nat.
Im sure you have come across this link bellow, if not PLS take a look at it to understand PPTP and GRE in PIX/ASA/FWSM.
In essence you will need a one-to-one NAT address translation. I have tested this many times using PAT in both PIX 6.x and ASA 7.x.
PPTP will work with PAT only if you have a single PPTP client in your network connecting to a PPTP server on the outside using PAT as long you have fixup protocol pptp 1723 for code 6.x and pptp inspection for code 7.x in your global policy. So..if only one source in your LAN is using PPTP you are fine, if more than one user needs to PPTP you will then need a one to one NAT.
But you have indicated that pptp connection is stablished and after a while it drops, I would suggest to look into some logs at both ends to determined what is causing the drop.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...