05-07-2008 03:59 PM - edited 03-11-2019 05:41 AM
first:
i read cisco document:
pptp client is in inside,
pptp server is in outside.
when i donot use firewall, the pptp connection can establish successfully.
but use pix 525 7.0(7)
i config:
inspect pptp.
pptp connection cannot setup.
show connection in pix:
pptp tcp 1723 is ok.
gre connection only one "E" flag, E means 'outside back connection'.
i try second method:
delete 'inspect pptp',
permit tcp 1723 and gre traffic from outside to inside, and i have config static nat,
but the pptp connection cannot work too.
so i think there is a pptp bug exist in pix 7.0(7).
can you help me about the question?
thanks a lot.
05-13-2008 06:04 AM
You can only have one PPTP/L2TP connection through the PIX Security Appliance when you use PAT. This is because the necessary GRE connection is established over port 0 and the PIX Security Appliance only maps port 0 to one host.
refer the following url for pptp configration and troubleshooting on PIX
05-13-2008 04:44 PM
i donot need config pptp client or server on pix,
i just want pptp traffic pass through pix firewall.
01-20-2009 12:54 PM
I had the same issue. When I put in the inspect pptp command, I got the same results as you did. FWIW - I entered the old "fixup protocol pptp 1723" (which is just supposed to add the "inspect pptp", right?). Now all of a sudden it's working. Only difference is I'm running 8.03 code.
01-20-2009 07:46 PM
Here is an excerpt from cisco doc
http://www.cisco.com/en/US/docs/security/pix/pix70/release/notes/pix707rn.html#wp252214
Features not Supported in Version 7.0
The following features are not supported in Version 7.0(7):
â¢PPPoE
â¢L2TP over IPSec
â¢PPTP
HTH.....
07-11-2011 07:04 AM
I have the same environment of "xl_liu", follows information:
access-list inside_access_in permit gre host
access-list inside_access_in permit tcp host
access-group inside_access_in in interface INSIDE
policy-map global_policy
class inspection_default
inspect pptp
The unique solution in case above is PIX/OS upgrade?
Thanks for colaboration!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide