HI i have a Cisco 800 series router, it seems to be blocking a pptp connection going through it. HELP worth 500?


I have a cisco 800 series router. I'm trying to connect to a server behind it, though a microsoft pptp client. But the router doesn't allow it. It gets to the registering computer on network stage after verifying user name and password then bugs out and says server could not allocate an IP address. I read on the net somewhere that pptp and the cisco router both use GRE or something, they apartently conflict or something. Is there an access list or something i can setup to allow protocol access for GRE.

Or another solution if this is complete crap?


Who is Participating?
Scotty_ciscoConnect With a Mentor Commented:
you would do this

IP nat inside source static TCP 192.168.1.x 1723 interface e0 1723

where 192.168.1.x is the server address and the interface e0 is the address of the public interface on your router and port 1723 is for pptp
Hi xaero_cool,
What are you using to configure the router?  The CLI?

Don JohnstonInstructorCommented:

I ran into a similar situation before and it turned out to be that the DHCP service was not running on the server.

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

xaero_coolAuthor Commented:
I'm using the command line interface, and the DHCP is enabled becasue i can connect using a cisco VPN client and it works perfectly but pptp doesn't.

Any ideas?

Asta CuCommented:
Have Cisco Router, was in the news, may be pertinent
You need to do a "one to one" NAT translation to use PPTP through your router.  Yes, its because of the GRE protocol PPTP uses.  If you don't have a second public IP address to do a "one to one" NAT, you will need to look at a different solution.  What about using L2TP instead of PPTP?  You should then be able to forward TCP port 1701 and UDP port 500 to the VPN server.
xaero_coolAuthor Commented:
whats the command lines i would use to do the one to one NAT?
JFrederick29Connect With a Mentor Commented:
One to one NAT would be:

ip nat inside source static 192.168.x.x y.y.y.y (where y.y.y.y is your public IP address).
xaero_coolAuthor Commented:
Is there any other way if i didn't have a spare Ip address, and when you say spare i have a patch panel with a number of IP addresses which are all behind a router. The have extrenal access but through the router or do u mean an extra IP address on the same level as the router?
You would need another IP address from your ISP.  A routable, public IP address like the one assigned to the outside interface of your router, not an internal, private IP address.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.