Re: PPTP to router w/ cbac not working?

jasonhumes · ‎02-24-2005

Hi

I've got a router running cbac and 12.3 code...I've followed the docs online for how to configure the vpdn group and all that, and I've got vpdn debug turned on...yet I never see any pptp debug messages when my clients try and fail to connect. Here is my vpdn config;

vpdn enable

!

vpdn-group 1

! Default PPTP VPDN group

accept-dialin

protocol pptp

virtual-template 1

interface Virtual-Template1

ip unnumbered FastEthernet0/0

peer default ip address pool bigpool

no keepalive

ppp encrypt mppe auto

ppp authentication pap chap ms-chap

And on my outside access-list i've allowed tcp 1723 in. Why is this not working. THanks

jason

michael.crocker · ‎02-24-2005

Try using "debug ppp negotiation" and "debug ppp authentication" to help track down the problem. You also need to allow the protocol GRE as well on your outside interface.

Sample

access-list 100 permit gre any any

Philip D'Ath · ‎02-25-2005

This is broken in most of the 12.3 code.

The last known version of code that I know this works on Cisco 837's is:

c837-k9o3sy6-mz.122-13.ZH4.bin

You may be able to get this version for you router.

PPTP is being phases out, and you will fine trying to get support for it in IOS increasingly harder.

clayhawks · ‎02-13-2006

Are you also allowing ip protocol 47 (GRE) inbound on the external interface?