02-18-2008 04:42 AM - edited 03-09-2019 08:07 PM
Basically we have a remote office and we from there we have a ADSL line. We configured Microsoft PPTP VPN to connect to our Head Office. We have PIX 525 at our head office which is terminating the VPN connections. The problem is we are not able to establish a multiple VPN session, only one machine can connect and the others are not.
02-18-2008 11:15 AM
is this PPTP terminating on Pix ?
Can you paste the config here
02-18-2008 11:22 AM
that's how PPTP works especially if your
windows PPTP machines are behind a "hide"
or "PAT" device. Use static nat 1-to-1
if you want multiple windows machine to
connect to your Pix via pptp.
CCIE Security
02-18-2008 07:56 PM
VPN is terminated on a PIX 525 FW.
Is there any work around to solve this issue aside from using 1-to-1 NAT? How about using Cisco VPN client?
02-18-2008 08:33 PM
With Cisco VPN client, I think it is possible
because if you enable NAT-T (aka udp-4500),
in theory, it should work with multiple
VPN client machine behind a "hide" NAT or
"PAT" device because it's UDP. However,
I've never tried it because I never have to
implement it in a production environment.
Problem with PPTP is that you have to pass
both GRE and tcp port 1723 and GRE is the one
causing problem for multiple clients behind
a PAT device.
CCIE Security
02-18-2008 08:26 PM
Hi cisco24x7, We tested it using Leased Line and all clients are able to establish a VPN connection simultaneously.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide