Outbound PPTP VPN through PAT

[AnonGod]

Just installed a new 5GT and having trouble VPN'ing out from any PC's that are using the interface (or DIP) ip. Logs show the outbound PPTP connection, but not the following GRE connection. (xp vpn client hangs at authentication.)

Now, on my servers that have MIP's, the connection goes through fine.

Trust-Untrust policy is ANY/ANY/PERMIT/LOG with natting done through the policy. Interface is set to route. (tried moving these around, no luck).

The VPN's work fine when i reset default gateway to our old Cisco PIX, so pretty sure the VPN server is fine. This has not worked since we initially set up the NS.

Any help is appreciated.

Thanks!
-Andrew

[Signature modified by admin request]
-TAG
anongod@hotmail.com
'Drawing on my fine command of language, I said nothing.'

 

[AnonGod]

Note: We have a NS-20 as well with the same config and the same problems. Has to be a config issue right? New to Juniper firewalls, so learning what I can.

Thanks
-Andrew

[Signature modified by admin request]
-TAG
anongod@hotmail.com
'Drawing on my fine command of language, I said nothing.'

 

[AnonGod]

Love it when you can solve your own issue...

I needed to set up a Fixed-Port DIP to channel PPTP traffic through - works for one client, NOT for multiple clients. I assume if the DIP pool was multiple IP's it would be fine. Still hoping to find an answer where I can use one external IP.

http://kb.juniper.net/CUSTOMERSERVICE/index?page=kbdetail&record_id=0244022611e8310108012c3c19029df

Thanks
-Andrew

[Signature modified by admin request]
-TAG
anongod@hotmail.com
'Drawing on my fine command of language, I said nothing.'

 

[AnonGod]

Noticing the same problem with multiple outbound FTP connections.... beginning to wonder if Netscreen was a good idea...

:\ -Andrew

[Signature modified by admin request]
-TAG
anongod@hotmail.com
'Drawing on my fine command of language, I said nothing.'