Cisco 7201: NAT inside VRF and PPTP VPN Passthrough support

Hi everyone,

I have an issue with PPTP tunnels behind a 7201 router which does NAT Overloading for inside LAN hosts via VRF.

Users in LAN are unable to establish outgoing PPTP connections to some outside Internet servers.

I had this network up and running with an older Cisco 3745 with c3745-adventerprisek9-mz.124-12.bin

and I didn't have such issues. No specific NAT configuration existed, just an ACL with a NAT overload statement for the outside interface.

Now I have Cisco 7201 router with c7200p-advipservicesk9-mz.124-24.T3.bin IOS image.

Currently NAT is running inside VRF instance.

I found a bug case:

CSCec30921

Symptoms: Point-to-Point Tunneling Protocol (PPTP) Network Address Translation (NAT) may fail.

Conditions: This symptom is observed on a Cisco router that has the VRF aware NAT feature enabled when the inside interface is part of a Virtual Private Network (VPN) routing and forwarding (VRF) instance and the outside interface is a global interface.

Workaround: Disable Cisco Express Forwarding (CEF). However, this may not be a viable workaround because the Multiprotocol Label Switching (MPLS) VPN requires CEF to be enabled.

But I think it doesn't apply to my case, as I have both the "inside" and "outside" interfaces belonging to the VRF, not just "inside" as described above.

I've been wondering if PPTP Passthrough feature is supported in this IOS version\platform\design.

If yes, I would like to know how to enable it, because on the 3745 I didn't make any specific tuning to NAT overloading to have PPTP work.

I have to keep the VRF aware NAT design in my situation (due to some design limitations). So any suggestions are welcome.

Thanks in advance.

4 Replies

Does anyone have an idea how to fix this issue? Thanks.

Phillip Remaker
Cisco Employee

That bugid does not apply to 12.4.

Hi Phillip,

I do realize it, but this is the only thing I can think of in relation to my situation\issue.

My config looks like this:

interface GigabitEthernet0/0.13
 encapsulation dot1Q 13
 ip vrf forwarding Internet
 ip address y.y.y.1 255.255.255.224 secondary
 ip address y.y.y.2 255.255.255.224 secondary
 ip address x.x.x.x 255.255.255.252
 ip nat outside
!
interface GigabitEthernet0/0.17
 encapsulation dot1Q 17
 ip vrf forwarding Internet
 ip address z.z.z.z 255.255.255.0
 ip nat inside
!
ip nat pool POOL_1 y.y.y.1 y.y.y.1 netmask 255.255.255.224
ip nat pool POOL_2 y.y.y.2 y.y.y.2 netmask 255.255.255.224
ip nat inside source list NAT_1 pool POOL_1 vrf Internet overload
ip nat inside source list NAT_2 pool POOL_2 vrf Internet overload

With NAT overload config I have an issue with PPTP tunnels.

If I change the NAT config to a static 1:1 configuration for some selected LAN hosts, the problem disappears.

Any suggestions are welcome. Thanks.
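The overload-versus-static behaviour reported above has a general cause: PPTP uses a TCP/1723 control channel plus a GRE (IP protocol 47) tunnel, and GRE carries no port numbers, so a port-based PAT has nothing to key return packets on unless a PPTP ALG tracks the GRE Call ID, whereas a 1:1 translation needs no demultiplexing. The following toy translator is an added illustration, not part of the thread and not Cisco IOS code; all addresses, Call IDs and the `pptp_alg` switch are constructed assumptions.

```python
from dataclasses import dataclass

TCP, GRE = 6, 47  # PPTP = TCP/1723 control channel + GRE (proto 47) tunnel

@dataclass(frozen=True)
class Pkt:
    proto: int
    src: str
    dst: str
    port: int = 0     # the inside host's TCP port (src outbound, dst on reply)
    call_id: int = 0  # PPTP enhanced-GRE Call ID; GRE has no port numbers

class OverloadNat:
    """PAT ("overload"): all inside hosts share one outside address."""
    def __init__(self, outside_ip, pptp_alg=False):
        self.outside_ip, self.pptp_alg = outside_ip, pptp_alg
        self.table, self.next_port = {}, 40000  # (proto, peer, demux) -> host
    def _demux(self, pkt):
        if pkt.proto == TCP:
            return pkt.port                           # rewritten per flow
        return pkt.call_id if self.pptp_alg else None  # plain PAT: nothing
    def outbound(self, pkt):
        """Translate inside->outside; None if no unique binding is possible."""
        if pkt.proto == TCP:
            self.next_port += 1
            out = Pkt(TCP, self.outside_ip, pkt.dst, port=self.next_port)
        else:
            out = Pkt(GRE, self.outside_ip, pkt.dst, call_id=pkt.call_id)
        key = (out.proto, out.dst, self._demux(out))
        if self.table.get(key, pkt.src) != pkt.src:
            return None   # a second GRE host collides with the first binding
        self.table[key] = pkt.src
        return out
    def inbound(self, pkt):
        return self.table.get((pkt.proto, pkt.src, self._demux(pkt)))

class StaticNat:
    """1:1 NAT: one outside address per inside host, nothing to demultiplex."""
    def __init__(self, inside_to_outside):
        self.fwd = dict(inside_to_outside)
        self.rev = {o: i for i, o in self.fwd.items()}
    def outbound(self, pkt):
        return Pkt(pkt.proto, self.fwd[pkt.src], pkt.dst, pkt.port, pkt.call_id)
    def inbound(self, pkt):
        return self.rev.get(pkt.dst)

def gre_reply_delivery(nat, hosts, server="203.0.113.5"):
    """Per host: which inside host the server's GRE reply reaches (None = tunnel fails)."""
    out = [nat.outbound(Pkt(GRE, h, server, call_id=n)) for n, h in enumerate(hosts, 1)]
    return [o and nat.inbound(Pkt(GRE, server, o.src, call_id=o.call_id)) for o in out]
```

A real PPTP ALG also rewrites colliding Call IDs chosen by different inside hosts; this model only assumes distinct ones.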
