Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

New to PIX

Status
Not open for further replies.
Javamahn

Javamahn

Technical User
Mar 14, 2001
143
US
Where can I find a good example of how to setup a VPN providing Microsoft based clients with Windows 2000 terminal services? Many of the remote users have DSL or Cable internet connections and want to be able to dialin with those broadband connections to a terminal services system. We are currently using dedicated PCanywhere workstations over a modem so anything is an improvement. Should I use the built-in PPTP VPN connection that comes with MS 9x systems or the Cisco client? I want something that a non technical end user can install and not call me up at 3:00 am asking how to do it..:)

Thank you in Advance
 
Sort by date Sort by votes
I forgot to state that we are using a PIX 506 with 6.1 software.
 
Upvote 0 Downvote
Upvote 0 Downvote
I setup the config as per the example in the above URL. I am having trouble getting a WindowsXP Pro client to connect using the builtin PPTP client. The client is on a Cox@home cable modem with no ICS or any firewalling on the PPP connection. Using debug vpdn packets I can see the tunnel being established but then at the last moment it collapses.
Here is the last packet.

Tnl 74 PPTP: CC I 001000011a2b3c4d000300000100000047291f800200000000000000000000
000040000002000000010000000000000064bb358154bb3581010000000200...
Tnl 74 PPTP: Recvd STOPCCRQ
Tnl 74 PPTP: reason 1
Tnl 74 PPTP: CC O StopCCRP
PPTP: cc snddata, socket fd=1, len=16, data: 001000011a2b3c4d0004000001000000

I have not tried any other clients at this time. Is this XP shutting down the tunnel or is it the Pix?

The authentication is done locally right now. here is some of the PIX 506 config file. The internal network is 10.1.1.0

access-list 101 permit ip 0.0.0.0 255.255.255.0 192.168.1.0 255.255.255.0
ip local pool vpdn-pool 192.168.1.1-192.168.1.50
nat (inside) 0 access-list 101
sysopt connection permit-pptp
vpdn group 1 accept dialin pptp
vpdn group 1 ppp authentication pap
vpdn group 1 ppp authentication chap
vpdn group 1 ppp authentication mschap
vpdn group 1 ppp encryption mppe 40
vpdn group 1 client configuration address local vpdn-pool
vpdn group 1 client configuration wins 10.1.1.1
vpdn group 1 pptp echo 60
vpdn group 1 client authentication local
vpdn username cisco password *********
vpdn enable outside

I setup the WinXP system using the network wizard and chose the VPN option I left everything as default in that setup. Any help would be appreciated.

Steve Anderson (newguy)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
700
Sameer258
Sameer258
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
604
Johnkite
Johnkite
brownmab53
  • Locked
  • Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
151
brownmab53
brownmab53
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
530
nnaarrnn
nnaarrnn
xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
110
xwray
xwray

Part and Inventory Search

Sponsor

Back
Top