Problem with PPTP VPN on PIX-501

w.mapelli
Level 1

I configured a simple VPN using PPTP with my PIX-501.

I'm able to establish the VPN connection with Windows XP PPTP client. After the connection, I'm able to ping inside hosts but I'm not able to establish any TCP/IP connection from PPTP client to them.

After the connection, I'm able to establish any kind of TCP/IP connection from inside hosts to remote PPTP client.

Any suggestions?

Thanks a lot!

Here is my configuration:

Cisco PIX 6.3(4):

interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
hostname pixfw
names
ip address outside **DELETED** 255.255.255.248
ip address inside 192.168.33.1 255.255.255.0
route outside 0.0.0.0 0.0.0.0 **DELETED** 1
telnet 192.168.33.0 255.255.255.0 inside
global (outside) 1 **DELETED**
nat (inside) 1 192.168.33.0 255.255.255.0 0 0
access-list inbound permit icmp any any
access-group inbound in interface outside
access-list no-nat permit ip 192.168.33.0 255.255.255.128 192.168.33.128 255.255.255.128
nat (inside) 0 access-list no-nat
ip local pool vpn-pool 192.168.33.129-192.168.33.254 mask 255.255.255.128
sysopt connection permit-pptp
vpdn group 1 accept dialin pptp
vpdn group 1 ppp authentication mschap
vpdn group 1 ppp encryption mppe auto required
vpdn group 1 client configuration address local vpn-pool
vpdn group 1 client authentication local
vpdn username cisco password cisco
vpdn enable outside

4 Replies

gfullage
Cisco Employee

It could be the routing on the PIX: seeing as your PPTP pool of addresses is in the same subnet as your inside interface, the PIX may be sending traffic to your PPTP clients back out the inside interface.

Either change the following:

ip address inside 192.168.33.1 255.255.255.128

or add the following:

route outside 192.168.33.128 255.255.255.128

or both.
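A way to check the overlap gfullage describes, as an added example that is not part of this thread: a small Python script (standard library only) that pulls the inside interface subnet, the PPTP pool and the nat 0 exemption ACL out of the posted configuration and reports whether the pool sits inside the inside subnet and whether inside-to-client traffic is exempt from NAT. The configuration text is copied from the two configurations in the thread (plus the first one with the suggested /25 inside mask applied); the function names are mine.

```python
import ipaddress
import re

# Constructed samples: the NAT/pool lines from the two configurations posted in
# this thread, plus the first one with the suggested 255.255.255.128 inside mask.
CONFIG_ORIGINAL = """\
ip address inside 192.168.33.1 255.255.255.0
access-list no-nat permit ip 192.168.33.0 255.255.255.128 192.168.33.128 255.255.255.128
nat (inside) 0 access-list no-nat
ip local pool vpn-pool 192.168.33.129-192.168.33.254 mask 255.255.255.128
"""

CONFIG_INSIDE_SHRUNK = CONFIG_ORIGINAL.replace(
    "ip address inside 192.168.33.1 255.255.255.0",
    "ip address inside 192.168.33.1 255.255.255.128")

CONFIG_NEW_POOL = """\
ip address inside 192.168.33.1 255.255.255.0
access-list no-nat permit ip 192.168.33.0 255.255.255.0 192.168.30.0 255.255.255.0
nat (inside) 0 access-list no-nat
ip local pool vpn-pool 192.168.30.1-192.168.30.254
"""


def inside_subnet(config):
    """Network of the inside interface, from 'ip address inside <ip> <mask>'."""
    m = re.search(r"^ip address inside (\S+) (\S+)", config, re.M)
    return ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False)


def pool_blocks(config):
    """The 'ip local pool' address range, expressed as a list of CIDR blocks."""
    m = re.search(r"^ip local pool \S+ (\S+)-(\S+)", config, re.M)
    lo, hi = ipaddress.ip_address(m.group(1)), ipaddress.ip_address(m.group(2))
    return list(ipaddress.summarize_address_range(lo, hi))


def nat_exempt_rules(config):
    """(source, destination) pairs from the ACL referenced by 'nat (inside) 0'."""
    acl = re.search(r"^nat \(inside\) 0 access-list (\S+)", config, re.M).group(1)
    pat = rf"^access-list {re.escape(acl)} permit ip (\S+) (\S+) (\S+) (\S+)"
    rules = []
    for m in re.finditer(pat, config, re.M):
        src = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False)
        dst = ipaddress.ip_network(f"{m.group(3)}/{m.group(4)}", strict=False)
        rules.append((src, dst))
    return rules


def pool_overlaps_inside(config):
    """True if any pool address lies within the inside interface's subnet.
    That is the condition described in the reply above: the PIX has a
    connected route for that subnet on 'inside', so replies to PPTP clients
    can be forwarded there instead of into the PPTP tunnel."""
    inside = inside_subnet(config)
    return any(block.overlaps(inside) for block in pool_blocks(config))


def pool_is_nat_exempt(config):
    """True if every pool block is matched as destination by some nat 0 rule
    whose source overlaps the inside subnet, i.e. inside-to-client traffic
    is not translated."""
    inside = inside_subnet(config)
    rules = [(s, d) for s, d in nat_exempt_rules(config) if s.overlaps(inside)]
    return all(any(block.subnet_of(d) for _, d in rules)
               for block in pool_blocks(config))


def report(name, config):
    print(f"{name}: inside={inside_subnet(config)} "
          f"pool_overlaps_inside={pool_overlaps_inside(config)} "
          f"pool_is_nat_exempt={pool_is_nat_exempt(config)}")


if __name__ == "__main__":
    report("original", CONFIG_ORIGINAL)
    report("inside /25", CONFIG_INSIDE_SHRUNK)
    report("new pool", CONFIG_NEW_POOL)
```

Run against the original configuration the script reports the overlap (the /24 on inside contains the whole pool); with the inside mask shortened to /25, or with the pool moved to 192.168.30.0/24 as in the later reply, it does not, while the nat 0 exemption still covers the pool in all three cases.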

Thank you for your reply.

I tried to create a new vpn-pool for PPTP clients.

Now inside hosts are on network 192.168.33.0/24

PPTP clients are on network 192.168.30.0/24

But it still doesn't work!

Do I need to create any route entry?

Thank you.

Best regards

My new configuration 6.3(4):

interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
hostname pixfw
names
ip address outside **DELETED** 255.255.255.248
ip address inside 192.168.33.1 255.255.255.0
route outside 0.0.0.0 0.0.0.0 **DELETED** 1
telnet 192.168.33.0 255.255.255.0 inside
global (outside) 1 interface
nat (inside) 1 192.168.33.0 255.255.255.0 0 0
access-list inbound permit icmp any any
access-group inbound in interface outside
access-list no-nat permit ip 192.168.33.0 255.255.255.0 192.168.30.0 255.255.255.0
nat (inside) 0 access-list no-nat
ip local pool vpn-pool 192.168.30.1-192.168.30.254
sysopt connection permit-pptp
vpdn group 1 accept dialin pptp
vpdn group 1 ppp authentication mschap
vpdn group 1 ppp encryption mppe auto required
vpdn group 1 client configuration address local vpn-pool
vpdn group 1 client authentication local
vpdn username cisco password cisco
vpdn enable outside

You shouldn't need the route. What happens when you attempt to connect? Are you sure your settings are correct on your pc? Are you taking the default settings with the included pptp vpn connection in Windows XP/2000?

By the way, using the 192.x.x.x networks for your internal network and your PPTP pool causes issues when you start trying to surf the internet while connected to the VPN. If everything is new and not hard to change, I would do an internal network of 10.x.x.x and a PPTP pool of 192.x.x.x.

P.S. Before someone suggests using split tunnel: that really doesn't work so well without using the Cisco VPN client and IPSEC.

I guess there is no problem if you have your inside interface in the same subnet as the VPN pool. Till date I have had a perfectly working config for the past 4-5 months. I have recently migrated to a 192.168.x.x network for VPN, and my inside network is 172.16.x.x. Also, if I am not wrong, the concept of split tunneling only works with the Cisco VPN client. But in spite of making the IP addressing scheme change in my network, I face the exact problem mentioned in this post. I have even put up a similar post, but I have not found any successful replies. If I check my firewall logs, it shows a message saying that the traffic on the outside interface is not IPSec. Thus I get correctly authenticated using the Windows XP inbuilt PPTP VPN, but no data transfer happens. But when I connect using the Cisco VPN client it works perfectly (with split tunneling enabled). I would also appreciate some help on this.