Solved

VPN/PPTP: PIX Firewall doesn't respond to Windows "Configuration Request"

Posted on 2004-08-19
2
295 Views
Last Modified: 2013-11-16
Hi there!

I want to set-up a VPN for the company I work for. Our developers should be able to access our office LAN from home via VPN with their Windows PCs. The office is secured by a Cisco PIX Firewall 6.2(2) which I configured to accept PPTP connections. (I have no activation key for the firewall for 3DES, so I cannot use the Cisco VPN Client.)

In my Windows I made a new dial-up connection to our firewall. When connecting the following happens (Ethereal trace):

1. Windows tries to open a PPTP connection to the PIX firewall.
2. The firewall accepts the connection.
3. A "Start-Control-Connection-Request"/"Outgoing-Call-Request" is answered by the PIX.
4. Windows sends a "Configuration-Request" which isn't answered by the firewall.

Windows keeps sending the configuration requests but the PIX (which receives the packets) wouldn't respond.

Can anyone help me?

Thanks,
wssdbd

0
Comment
Question by:wssdbd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 36

Accepted Solution

by:
grblades earned 125 total points
ID: 11846165
Here is a link to some configuration examples so you can check your configuration.
PIX configuration examples - http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html

The Cisco VPN client can use the basic DES encryption so you can use it.
You can obtain a free 3des/aes activation key from https://www.cisco.com/pcgi-bin/Software/Crypto/crypto_main.pl?prod_refer=pix3des
0
 

Author Comment

by:wssdbd
ID: 11846414
Thanks for the link to the free activation key. I obtained it and will change the PIX configuration tomorrow.
0

Featured Post

How to Defend Against the WCry Ransomware Attack

On May 12, 2017, an extremely virulent ransomware variant named WCry 2.0 began to infect organizations. Within several hours, over 75,000 victims were reported in 90+ countries. Learn more from our research team about this threat & how to protect your organization!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question