has anybody familiar with PPTP/gre?
Here is my scenario:
NT 4 inside-PIX-outside--internet
--PC
NT4 has PPTP server(MS built in) running inside the pIX. PCs over the internet are able to establish GRE tunnel. We allow PPTP/GRE port/protocol open from any to the PPTP server on PIX. However if we try to put a pc directly on the PIX outside network to establish the gre, jsut not work. The PIX configuration has ACL open for sure to allow this PC to esatablish pptp/gre with the server.
Here is the troubleshooting I did:
1. Ping the public address of the NT 4, works.
2. telnet public 1723, works.
But gre can't establish.
I am wondering since the pc is on the same subnet as PIX outside address as well as the NT 4 public address, the tunnel target address is the NT 4 public address on the PC pptp client configuration, will FW think they are on the same network and didn't want to establish the GRE at all?
Thanks