Hello everybody!

i've got some issues with configuring my router/firewall.

it is a CISCO1941/K9 with, for now, only 1 WAN side. (there is a configuration for adsl, but for now shutdown)

i've configured the router without a firewall and as PPTP server and everything is working fine.

now i want to implement the zone-based-firewall without losing my PPTP-server, but it seems like i don't get it running.

after putting my interfaces in a zone, i loose the possibillity to connect with pptp conection to the router and i can't see why!

i don't loose any nat connections, sow that seems fine. (maybe for the other IPSEC connection and if someone has some hints?? they are welcome!!! )

but i'll test it one by one, because the letters are floating if I don't.

the first step is getting connected and after that I want to use the aaa attribute lists like i do without the zbf.

as a test i want to use vpdn-group 1 with ip local pool defaultpool .

it should be the local admin user who can connect right?

i've made interface virtual-template 5 for using as the PPTP zone.

it is quite a hard config (for me) because it has 5 inside zones, all with different rules (in the future).

it is my first time configuring the zbf so i'm sorry if it seems like a mesh...

and if you can't understand why i focus on the zbf instead on the easy things for now? that is because I allways first do the hard things so it is all getting easyer.

I tried to make my info as complete as possible, but if you need more information just ask..

the configuration is attached. (tried to hide some parameters as clear as possible to me)

thanks in advance to all who take the time..

regards,

Didier