?
Solved

VPN/PPTP: PIX Firewall doesn't respond to Windows "Configuration Request"

Posted on 2004-08-19
2
Medium Priority
?
304 Views
Last Modified: 2013-11-16
Hi there!

I want to set-up a VPN for the company I work for. Our developers should be able to access our office LAN from home via VPN with their Windows PCs. The office is secured by a Cisco PIX Firewall 6.2(2) which I configured to accept PPTP connections. (I have no activation key for the firewall for 3DES, so I cannot use the Cisco VPN Client.)

In my Windows I made a new dial-up connection to our firewall. When connecting the following happens (Ethereal trace):

1. Windows tries to open a PPTP connection to the PIX firewall.
2. The firewall accepts the connection.
3. A "Start-Control-Connection-Request"/"Outgoing-Call-Request" is answered by the PIX.
4. Windows sends a "Configuration-Request" which isn't answered by the firewall.

Windows keeps sending the configuration requests but the PIX (which receives the packets) wouldn't respond.

Can anyone help me?

Thanks,
wssdbd

0
Comment
Question by:wssdbd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 36

Accepted Solution

by:
grblades earned 500 total points
ID: 11846165
Here is a link to some configuration examples so you can check your configuration.
PIX configuration examples - http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html

The Cisco VPN client can use the basic DES encryption so you can use it.
You can obtain a free 3des/aes activation key from https://www.cisco.com/pcgi-bin/Software/Crypto/crypto_main.pl?prod_refer=pix3des
0
 

Author Comment

by:wssdbd
ID: 11846414
Thanks for the link to the free activation key. I obtained it and will change the PIX configuration tomorrow.
0

Featured Post

New benefit for Premium Members - Upgrade now!

Ready to get started with anonymous questions today? It's easy! Learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This past year has been one of great growth and performance for OnPage. We have added many features and integrations to the product, making 2016 an awesome year. We see these steps forward as the basis for future growth.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses
Course of the Month10 days, 21 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question