PPTP VPN users unable to ping/access inside resources after connect
Posted on 2005-05-12
I have site-to-site VPN and DNS working fine.
Remote VPN access connection goes fine and authenticates with 2k3 server, using PPTP.
From the PPTP client I'm unable to ping or access any internal resources.
I have two site-to-site connections coming in using 10.70.23.xx and 10.70.22.xx. PPTP VPN users should be assigned 10.70.24.xx, and servers that are behind the firewall are 10.70.21.xx.
I'm guessing my problem is in the ACL.
Here's some of my config settings.
access-list 101 line 1 permit ip 10.70.21.0 255.255.255.0 10.70.0.0 255.255.0.0 (hitcnt=154)
access-list 101 line 2 permit ip 10.70.21.0 255.255.255.0 10.70.24.0 255.255.255.0 (hitcnt=0)
global (outside) 1 interface
nat (inside) 0 access-list 101
nat (inside) 1 0.0.0.0 0.0.0.0
ip local pool pptp-pool 10.70.24.1-10.70.24.50
sysopt connection permit-ipsec
vpdn group 1 accept dialin pptp
vpdn group 1 ppp authentication pap
vpdn group 1 ppp authentication chap
vpdn group 1 ppp authentication mschap
vpdn group 1 ppp encryption mppe auto
vpdn group 1 client configuration address local pptp-pool
vpdn group 1 client configuration dns 10.70.21.9
vpdn group 1 client authentication aaa AuthInbound
vpdn group 1 pptp echo 60
vpdn enable outside
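A check of the access-list entries quoted above, added here as an example and not part of the original post: it parses the ACL and pool lines, reports which entry decides traffic from a server to the PPTP pool, and flags entries that an earlier entry fully covers. The function names are hypothetical, and the code assumes the first-match evaluation that access lists use.

```python
import ipaddress
import re

# Lines copied verbatim from the configuration in the post.
CONFIG = """\
access-list 101 line 1 permit ip 10.70.21.0 255.255.255.0 10.70.0.0 255.255.0.0 (hitcnt=154)
access-list 101 line 2 permit ip 10.70.21.0 255.255.255.0 10.70.24.0 255.255.255.0 (hitcnt=0)
nat (inside) 0 access-list 101
ip local pool pptp-pool 10.70.24.1-10.70.24.50
"""

ACL_RE = re.compile(
    r"access-list (\S+) line (\d+) (permit|deny) ip (\S+) (\S+) (\S+) (\S+)")
POOL_RE = re.compile(r"ip local pool (\S+) (\S+)-(\S+)")


def parse_acl(config, name):
    """Return [(line_no, action, src_net, dst_net)] in configured order."""
    entries = []
    for m in ACL_RE.finditer(config):
        if m.group(1) == name:
            src = ipaddress.ip_network(f"{m.group(4)}/{m.group(5)}")
            dst = ipaddress.ip_network(f"{m.group(6)}/{m.group(7)}")
            entries.append((int(m.group(2)), m.group(3), src, dst))
    return entries


def parse_pool(config, name):
    """Return (first, last) address strings of the named local pool."""
    for m in POOL_RE.finditer(config):
        if m.group(1) == name:
            return m.group(2), m.group(3)
    raise KeyError(name)


def first_match(entries, src_ip, dst_ip):
    """ACLs are first-match: return (line, action) deciding this flow."""
    s, d = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for line_no, action, src, dst in entries:
        if s in src and d in dst:
            return line_no, action
    return None, "deny"  # implicit deny when no entry matches


def shadowed(entries):
    """Line numbers fully covered by an earlier entry (they can never hit)."""
    return [n for i, (n, _, src, dst) in enumerate(entries)
            if any(src.subnet_of(s) and dst.subnet_of(d)
                   for _, _, s, d in entries[:i])]
```

On the posted lines, line 1 decides every flow from 10.70.21.0/24 to the pptp-pool range and line 2 is shadowed, which is consistent with the hitcnt=0 shown for line 2.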