11-19-2010 05:32 AM
Client has Pix 515-e with multiple static NAT entries setup. One static NAT does to one division of the company, a second to a different. The first one will allow PPTP connections just fine to a 2003 RRAS server. The second has an XP box with dial in setup but cannot get it to allow PPTP into it.
I have setup rules on the firewall to allow the PPTP traffic but it doesn't work. I know traffic is going there though becuase I setup an RDP rule and that works just fine.
Any ideas on what I could be missing?
Thanks!
11-19-2010 08:02 AM
Hi,
To allow PPTP connections to the internal server you need the static NAT and the ACL permitting TCP 1723 and GRE to the NAT IP.
Do you have the ACL in place and if so, is it getting hitcounts? (sh access-list)
Federico.
11-24-2010 01:48 AM
I do not have the ACL here.
11-24-2010 06:13 AM
Daniel,
What I'm saying is that if you have a PPTP server behind the PIX, in order to access that server from the outside you need an ACL (besides the static NAT).
Federico.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide