Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX 501 and inside VPN server

Status
Not open for further replies.
chripa

chripa

Programmer
Mar 27, 2008
10
AT
I'd like to access an internal VPN (PPTP) server, which is behind the PIX 501 (on the "inside" location).

So I created translation- und filter rules for the VPN server on the PIX for port 1723 and IP protocol GRE (47). I also unchecked "VPN passthrough for PPTP".

BUT the PIX does not allow to access the VPN server in the inside network. Connections to the Web- and Mailserver works fine; portscan too but NOT the connection to the VPN server! (???)

Is there a possibility to get this running? Maybe did I forget to make some additional changes?


Please help me - it's urgent. ;o)

Thanks in advance!
Regards, Chris
 
Sort by date Sort by votes
Why in the world would you want to use PPTP when you can use IPSEC vpns on the Pix? Post your configuration.
 
Upvote 0 Downvote
I know that theres a security risc using PPTP; but I only want to try out how to connect to a VPN (PPTP) server BEHIND the PIX... Which things do I have to do?

As already said - I opened port 1723 and protocol 47 (gre) on the PIX. This should work, but it doesn't... Just see my first thread.

If really neccessary, I can post my configuration...


Regards, Chris
 
Upvote 0 Downvote
Thanks for the tip and the weblink! But on this website, they assume that the VPN client outside has a static ip address; but my inside PPTP server uses dynamic address assigning to any host anywhere in the internet which is connected to the server (DHCP).

So - do I need to open some DHCP Ports?!?

I'm really confused... :s(


Thanks in advance -
Chris :)
 
Upvote 0 Downvote
Go ahead and post your scrubbed config and a description of the topology.


Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
Thanks for your tips - it works fine after entering a few terminal commands.

So this topic is solved for me; thanks again to all people who gave suggestions!!!


Best regards
Chris ;o)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
270
Sameer258
Sameer258
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
282
intel233
intel233
ISDPCMAN
  • Locked
  • Question
RDP fails over VPN
Replies
1
Views
121
gkittelson
gkittelson
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
351
Shmid
Shmid
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
86
WhosYourDiffie
WhosYourDiffie

Part and Inventory Search

Sponsor

Back
Top