cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
772
Views
3
Helpful
3
Replies

ASA 5505 and PPTP tunnel

scott.bridges
Beginner
Beginner

This could be related to a previous conversation of mine: http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Security&topic=Firewalling&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40.2cd34318

This has now come up:

Host A on my network (behind the ASA) can connect to this 3rd Party vendor, Host B, through Host B's PPTP VPN tunnel.

Once connected, they run a proprietary program and have no issues. The problem is that Host B needs to be able to print to Host A's printer. When he tries to bring up \\10.10.10.33\ (host a's vpn address), he gets an error. Yet they are able to ping back and forth fine.

Another thing: Host A can bring up Host B's shared items ( \\10.10.10.32\ ).

So is there anything else that needs to be enabled on the ASA? Last time, the solution was adding "inspect pptp" and all was good. Anything else I'm missing?

Thanks for any help

3 Replies 3

Panos Kampanakis
Cisco Employee
Cisco Employee

PPTP inspection should be enough.

Depending on the ASA code version there was a defect on the ASA that would cause tunnel PPTP issues. That is CSCsy87867 fixed in 7.2.4.32 and 8.0.4.30.

Captures on the inside and outside of the ASA could show you packets dropped when you try to bring up the shared items.

PK

Hmm,

I have this:

ciscoasa# sh ver

Cisco Adaptive Security Appliance Software Version 7.2(4)

Device Manager Version 5.2(4)

I can't tell if this is .32 or not. Is there a way to know for sure?

You are not running .32 If you were it would say 7.2(4) 32 in that "show ver" output.

-heather

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers