Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
546
Views
0
Helpful
2
Replies

pptp & windows XP connects but cannot see pix side

behandla123
Level 1
Level 1

‎03-22-2006 09:46 AM - edited ‎02-21-2020 12:47 AM

Hi have a small issue with my pptp vpn connection. I followed the instructions as seen on http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080143a5d.shtml

the problem I have is that after the PPTP connects to the pix I cannot see any machines on the pix side and vice versa. here is my config:

access-list nonat permit ip 10.10.24.0 255.255.255.0 10.10.25.0 255.255.255.0

pager lines 24

logging on

logging monitor informational

logging history informational

mtu outside 1500

mtu inside 1500

ip address outside 66.x.x.x.255.255.240

ip address inside 10.10.24.3 255.255.255.0

ip audit info action alarm

ip audit attack action alarm

ip local pool my-addr-pool 10.10.25.10-10.10.25.20

pdm history enable

arp timeout 14400

nat (inside) 0 access-list nonat

route outside 0.0.0.0 0.0.0.0 66.29.1.1 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00

timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server RADIUS protocol radius

aaa-server LOCAL protocol local

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

floodguard enable

sysopt connection permit-ipsec

sysopt connection permit-pptp

telnet timeout 5

ssh timeout 5

console timeout 0

vpdn group 1 accept dialin pptp

vpdn group 1 ppp authentication mschap

vpdn group 1 ppp encryption mppe auto

vpdn group 1 client configuration address local my-addr-pool

vpdn group 1 client configuration dns 34.x.x.1

vpdn group 1 pptp echo 60

vpdn group 1 client authentication local

vpdn username client1 password *******

vpdn enable outside

terminal width 80

0 Helpful
2 Replies 2

jmia
Level 7
Level 7

‎03-23-2006 04:38 AM

Have you got fixup enabled for pptp, if not can you enable this in config mode:

fixup protocol pptp 1723

Jay

0 Helpful

kevinglong
Level 1
Level 1

‎03-24-2006 07:12 PM

I have never used pptp but I discovered the command "isakmp nat-traversal 20" when I could not see my computer on the local side of the pix when I was attempting a connection behind another firewall.

If I had a public IP address my access worked without this command.

Good luck.

Kevin

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card