PIX and multiple Remote Access types

gdusenberry · ‎08-12-2004

Is it possible for a PIX to support a PPTP remote access connection AND a Cisco VPN client connection?

I have been trying to get my code right (damn thee PDM wizard) and while my PPTP coding is correct (and funtional) the moment I try to enable a Cisco VPN client, it prevents clients on the PPTP connections from seeing my network resources...

I should note, PPTP remote access users can connect to the PIX with their PPTC connection, just cannot see the network resources on the other side....

scoclayton · ‎08-12-2004

Yep, both PPTP and VPN IPSec clients are supported on a single PIX. Take a look at the sample below:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080093f89.shtml

Perhaps you can post your config and we can take a look and make some comments?

Scott

gdusenberry · ‎08-25-2004

Well, I am embarrassed to say, my current PIX configuration is probably a disaster by just about anyone's standards....

bu here it is, in all its glory....

BTW, I initially attempted to use the PDM wizard to ADD a Cisco VPN client based. The wizard seemed to work: my existing PPTP clients could connect, and my test Cisco VPN client could connect, but neither connection could "see" servers on the inside (mail, data etc.)

and, this line:

access-list 101 permit ip 192.168.1.0 255.255.255.0 172.16.1.0 255.255.255.0

was changed to:

access-list inside_outbound_nat0_acl permit ip 192.168.1.0 255.255.255.0 172.16.1.0 255.255.255.0