Solved

Microsoft VPN Cisco Firewall Configuration

Posted on 2004-08-09
6
730 Views
Last Modified: 2010-04-12
Let's say we have the IP address 69.39.1.2. We have a Cisco 1720 router/firewall that performs NAT. I need people to be able to use the Microsoft VPN client connection to be able to login to our Server 2000 network. I thought we had things configured correctly (an outsourced IT company set things up when the company was smaller), but when I try to connect to our network I get an error. I made a screenshot. You can see it by clicking on the following link:

http://www.mckeough.com/screenshot.jpg

The IP that I sprayed out in the screenshot is the outside IP of our Cisco. In other words it's the one you can ping from anywhere in the world.

I've connected to our servers via a microsoft VPN internally, so I know this error isn't a security negotiation error with our server. I think it has to do with our Cisco not being configured to handle PPTP or something like that. However I'm not experienced with Ciscos, so I'm not sure. If anyone wants me to, I know enough to pull up configuration information on our router.
0
Comment
Question by:mckeough
  • 3
  • 3
6 Comments
 
LVL 23

Expert Comment

by:Tim Holman
ID: 11757384
0
 

Author Comment

by:mckeough
ID: 11761785
I'm pretty sure I just need to configure our Cisco to forward PPTP connection requests to our server. How do I do that?
0
 

Author Comment

by:mckeough
ID: 11762881
I read the link that was posted. It doesn't apply to this situation. Also, does anyone know about Cisco's client software? Maybe we need to use that.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 23

Accepted Solution

by:
Tim Holman earned 500 total points
ID: 11766559
If you configure the Cisco router to allow GRE (protocol 47) and PPTP (1723) then PPTP clients should work behind NAT without any problems.

http://cisco.com/en/US/tech/tk827/tk369/technologies_configuration_example09186a00800949c0.shtml
0
 

Author Comment

by:mckeough
ID: 11771948
Tim, that looks like what I'm looking for! So, if I configure GRE and PPTP, I can use the regular Microsoft VPN client, right? I'm just making sure because I know Cisco has their own thin client as well.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 11773361
Yes - that's right.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

Sometimes, you want your microsoft VPN to route all the traffic to the remote network. Usually your employer network. This makes it possible to access all the nodes inside this remote LAN, even if they have no "public DNS" entries. To do so, you wo…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now