Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
791
Views
0
Helpful
3
Replies

Accessing PPTP VPN behind a Pix506e Firewall

vactech03
Level 1
Level 1

‎03-16-2005 01:52 PM - edited ‎02-21-2020 12:01 AM

I am trying to access a PPTP VPN from behind a PIX506E Firewall. I am able to connect to the VPN however it will only let me stay connected for around 3 minutes. The following are the logs from where I make the connection and then where I get disconnected.

Building connection

========================

2005-03-15 13:18:17 Local4.Info 192.xxx.xx.xx

Mar 15 2005 13:01:36: %PIX-6-302013: Built outbound TCP connection 424172 for outside:208.xxx.xxx.xx/1723 (208.xxx.xxx.xx/1723) to inside:192.xxx.xx.xx/xxxx (66.xxx.xxx.xxx/xxxxx)

2005-03-15 13:18:17 Local4.Info 192.xxx.xx.xx

Mar 15 2005 13:01:36: %PIX-6-302017: Built inbound GRE connection 424174 from outside:208.xxx.xxx.xx (208.xxx.xxx.xx) to inside:192.xxx.xx.xx/xxxxx (66.xxx.xxx.xxx/xx)

2005-03-15 13:18:17 Local4.Info 192.xxx.xx.xx

Mar 15 2005 13:01:36: %PIX-6-302017: Built outbound GRE connection 424175 from inside:192.xxx.xx.xx (66.xxx.xxx.xxx) to outside:208.xxx.xxx.xx/1723 (208.xxx.xxx.xx/1723)

Teardown connection

========================

2005-03-15 13:21:17 Local4.Info 192.xxx.xx.xx

Mar 15 2005 13:04:36: %PIX-6-302014: Teardown TCP connection 424172 for outside:208.xxx.xxx.xx/1723 to inside:192.xxx.xx.xx/xxxx duration 0:03:00 bytes 664 TCP Reset-O

2005-03-15 13:21:17 Local4.Info 192.xxx.xx.xx

Mar 15 2005 13:04:36: %PIX-6-302018: Teardown GRE connection 424174 from outside:208.xxx.xxx.xx to inside:192.xxx.xx.xx/xxxxx duration 0:03:00 bytes 2737

2005-03-15 13:21:17 Local4.Info 192.xxx.xx.xx

Mar 15 2005 13:04:36: %PIX-6-302018: Teardown GRE connection 424175 from inside:192.xxx.xx.xx to outside:208.xxx.xxx.xx/50151 duration 0:03:00 bytes 6902

At one time I added access-list to our router config for security reasons however if I take them off in case it is preventing anything from getting back in, I still get disconnected after 3 minutes.

Does the first line on the teardown connection, “TCP Reset-O” mean that I was disconnected from the remote host? Does this mean that it is not on our end? Any questions let me know. Thanks in advanced for your help.

0 Helpful
3 Replies 3

sachinraja
Level 9
Level 9

‎03-17-2005 12:59 AM

Yes...

Rest - O means that the connection has been resetted from outside.. the other end.. so, nothing needs to be done on the PIX...

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_system_message_guide_chapter09186a00801582b2.html

search for 302014 and you will find an explanation for this....

hope this helps.. all the best.. rate replies if found useful

Raj

0 Helpful

vactech03
Level 1
Level 1
In response to sachinraja

‎03-17-2005 04:27 AM

Thanks for your reply. Thats what I thought it was, I just wanted to make sure that I was reading it correctly. Thanks again for your help.

0 Helpful

sachinraja
Level 9
Level 9
In response to vactech03

‎03-17-2005 01:40 PM

Hello,

Mark the case as solved which will be help to others. rate replies if found useful.

Raj

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card