Unable to map drive through tunnel

Doug · ‎02-10-2006

When I connect to my PIX 501 (6.3(4)) from outside I authenticate and can ping the internal machines OK. But I can't map any shares on those machines.

When I try to map a drive, I see the following in the PIX log:

No translation group found for tcp src outside:192.168.200.2/1075 dst inside:192.168.0.250/139

I'm surprised to see the 192.168.200.2 address. That is the private internal address of the outside machine on it's remote LAN. I would thought I would see the ip address assigned to it from the PIX VPN pool which I have verified to be 192.168.4.1.

My current config:

...

access-list inside_outbound_nat0_acl permit ip 192.168.0.0 255.255.255.0 192.168.4.0 255.255.255.0

...

nat (inside) 0 access-list inside_outbound_nat0_acl

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

...

ip local pool vpn_users 192.168.4.1-192.168.4.254

...

sysopt connection permit-pptp

...

vpdn group PPTP-VPDN-GROUP accept dialin pptp

vpdn group PPTP-VPDN-GROUP ppp authentication pap

vpdn group PPTP-VPDN-GROUP ppp authentication chap

vpdn group PPTP-VPDN-GROUP ppp authentication mschap

vpdn group PPTP-VPDN-GROUP ppp encryption mppe auto

vpdn group PPTP-VPDN-GROUP client configuration address local vpn_users

vpdn group PPTP-VPDN-GROUP pptp echo 60

vpdn group PPTP-VPDN-GROUP client authentication local

vpdn enable outside

...

Thanks for any help!

-Doug

spremkumar · ‎02-13-2006

hi

Can you tell me where you have defined this block 192.168.200.2 ?? cozi see that you have configured 192.168.4.0 as your vpn pool for the ravpns ..

also if possible can you post out the full config wiht the public ips and passwords masked ...

regds