Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1678
Views
0
Helpful
4
Replies

I authenticate with my VPN client, but then I can't do anything

Go to solution
joneschw1
Level 1
Level 1

‎05-08-2004 02:16 PM - edited ‎02-21-2020 10:10 AM

I have setup the PIX to accept vpn connections from remote clients via pptp. I created a vpn session with Windows XP from the external, and authenticated fine (I think). I got an IP address from the vpdn pool, but.... I can't do anything once I am authenticated. I can't ping anything, I can't see any internal resources, etc. I am stuck. I am running 6.3.3 on a 515. Here is the relevant config. Anyones help would be greatly appreciated.

ip local pool pptp-vpdn 10.1.1.51-10.1.1.55

aaa-server TACACS+ protocol tacacs+

aaa-server RADIUS protocol radius

aaa-server LOCAL protocol localsysopt connection permit-ipsec

sysopt connection permit-pptp

vpdn group 1 accept dialin pptp

vpdn group 1 ppp authentication chap

vpdn group 1 ppp authentication mschap

vpdn group 1 ppp encryption mppe 40

vpdn group 1 client configuration address local pptp-vpdn

vpdn group 1 client configuration dns 10.1.1.2

vpdn group 1 pptp echo 60

vpdn group 1 client authentication local

vpdn username cjones password ********

vpdn enable outside

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions
4 Replies 4

Go to solution
mostiguy
Level 6
Level 6

‎05-09-2004 08:06 AM

Your IP local pool cannot consist of ip addresses that reside on the *inside* interface, because a vpn connected client resides on the *outside* interface. Try changing your ip local pool to another subnet, and report back - this is based on the assumption that 10.1.1 is the inside subnet because of the dns server being 10.1.1.2

0 Helpful

Go to solution
joneschw1
Level 1
Level 1
In response to mostiguy

‎05-09-2004 07:16 PM

So I tried changing my VPN pool to 10.3.1.x, and I got authenticated, got an IP, but can't access anything. I am still stuck unfortunately.

0 Helpful

Go to solution
jmia
Level 7
Level 7
In response to joneschw1

‎05-09-2004 11:12 PM

Chris,

Take a look at this document and let me know if it helps :

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080143a5d.shtml

Jay

0 Helpful

Go to solution
joneschw1
Level 1
Level 1
In response to jmia

‎05-10-2004 06:45 AM

Thanks for the help. This document helped me find a config error that I had. I had all the statements, but a wrong subnet

0 Helpful
Customers Also Viewed These Support Documents