Pix 515 v 5.2(5) VPN out to external network problems

[gmontano]

Hi, We have a PIX 515 set up for VPN. Users can VPN in successfully. The problem lies when a user on the internal network needs to VPN (pptp) out to external network (not ours). On our backup t1 I have a sonicwall firewall and that can VPN out. The PIX seems to block it by default and I can't seem where to find to let an inside user VPN out. The setup is pretty basic; NAT is enabled, one PAT.

Any help would be greatly appreciated. Thanks - Greg

 

[Bluecrack]

In generally to allow a user inside to VPN out using PPTP you need to allow GRE (ip protocol 47) and TCP 1723 out through the firewall. I'm not sure if the PIX has problems with allowing outbound PPTP connections when PAT is in use. Sorry about that. Sorry for the rushed response, but I hope it helps.

 

[chrislehr]

I have seen this also, but have yet to find a way to get it to work using NAT. Any help??