Solved

How can I setup the PPTP VPN in Cisco PIX?

Posted on 2005-04-06
Last Modified: 2013-11-16
I am using the following commands to create the PPTP VPN:
- ip local pool PPTP_POOL 10.128.2.220-10.128.2.240
- vpdn group HK_PPTP accept dialin pptp
- vpdn group HK_PPTP ppp authentication pap
- vpdn group HK_PPTP ppp authentication chap
- vpdn group HK_PPTP ppp authentication mschap
- vpdn group HK_PPTP ppp encryption mppe auto required
- vpdn group HK_PPTP client configuration address local PPTP_POOL
- vpdn group HK_PPTP pptp echo 60
- vpdn group HK_PPTP client authentication local
- vpdn username admin password *********
- vpdn enable outside

I can connect to the PIX through the PPTP VPN but can't ping any internal address, nor the PIX inside interface. Do I need to enable some rule to permit the PPTP IP pool to the inside LAN?
Question by:kennycpu
Expert Comment

by:nodisco
ID: 13719864
If you are using your PIX to nat:

access-list 101 permit ip X.X.X.X 255.255.255.0 10.128.2.0 255.255.255.0       (where X.X.X.X is ip range of local lan)

nat (inside) 0 access-list 101

sysopt connection permit-pptp

That should get you in

Author Comment

by:kennycpu
ID: 13724813
What if the PPTP IP pool and the local LAN network are the same, 10.128.2.0?
e.g.
access-list 101 permit ip 10.128.2.0 255.255.255.0 10.128.2.0 255.255.255.0 (I think that is invalid!!)
Accepted Solution

by:
nodisco earned 400 total points
ID: 13724948
damn right!

Cannot have the same ip range as the lan - it won't pass the traffic
You should change the local ip pool range to something different - just use a 192.168.1.10-192.168.1.40 or something similar
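
Added example, not part of the thread and not Cisco tooling: a small Python check that reads the `ip address inside` and `ip local pool` lines of a PIX config, flags a PPTP pool that overlaps the inside LAN, and otherwise prints the NAT-exemption commands in the form given in the first expert comment. The sample configs are constructed; the inside interface address 10.128.2.1 and the function names are assumptions, and the ACL destination is narrowed to the smallest single network covering the pool rather than a /24.

```python
import ipaddress
import re

# Constructed samples: the pool lines come from the thread; the inside
# interface address 10.128.2.1 is an assumption (the thread only gives the LAN).
QUESTION_CFG = """\
ip address inside 10.128.2.1 255.255.255.0
ip local pool PPTP_POOL 10.128.2.220-10.128.2.240
"""
FIXED_CFG = """\
ip address inside 10.128.2.1 255.255.255.0
ip local pool PPTP_POOL 192.168.1.10-192.168.1.40
"""

def parse_pix(config):
    """Return (inside_network, {pool_name: (first_ip, last_ip)})."""
    inside, pools = None, {}
    for line in config.splitlines():
        m = re.match(r"\s*ip address inside (\S+) (\S+)\s*$", line)
        if m:
            inside = ipaddress.ip_interface(f"{m[1]}/{m[2]}").network
        m = re.match(r"\s*ip local pool (\S+) ([\d.]+)-([\d.]+)\s*$", line)
        if m:
            pools[m[1]] = (ipaddress.ip_address(m[2]), ipaddress.ip_address(m[3]))
    return inside, pools

def covering_network(first, last):
    """Smallest single network that contains both ends of the pool range."""
    net = ipaddress.ip_network(f"{first}/32")
    while last not in net:
        net = net.supernet()
    return net

def audit(config, acl="101"):
    """Map each pool to (ok, lines): a warning, or the NAT-exemption commands."""
    inside, pools = parse_pix(config)
    if inside is None:
        raise ValueError("no 'ip address inside' line found")
    report = {}
    for name, (first, last) in pools.items():
        dst = covering_network(first, last)
        if inside.overlaps(dst):
            report[name] = (False, [f"pool {first}-{last} overlaps inside LAN {inside}"])
        else:
            report[name] = (True, [
                f"access-list {acl} permit ip {inside.network_address} "
                f"{inside.netmask} {dst.network_address} {dst.netmask}",
                f"nat (inside) 0 access-list {acl}"])
    return report
```

`audit(QUESTION_CFG)` reports the overlap described in the accepted solution; `audit(FIXED_CFG)` returns the two commands to paste, to be followed by `sysopt connection permit-pptp` as in the first comment.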