PPTP (Point-to-Point Tunneling Protocol) through PIX Firewall | Cisco firewall | Tech-Recipes

Started by qdideas · 9 months ago


6 comments

  • OK, I'm a newbie when it comes to setting up this PIX. When I add that static statement and the other access-list commands I can get into the network via VPN just fine, but all the computers on the inside network lose Internet access. I took out the access-list and still had the same problem, so I'm pretty sure it's caused by that static entry. Can anyone tell me what I'm doing wrong?
  • I've got the same problem... If I delete the static rule, all other computers have Internet access; otherwise not.
  • Try adding "fixup protocol pptp 1723" instead of all of the changes above.
  • You need to check your recipe! You should never open ports 137, 138, 139 to any machine from the Internet.

    PPTP uses TCP 1723 and GRE (protocol 47)

    Ports 137-139 are opening HUGE HOLES in your network security. Especially if it is to a Microsoft server, essentially you have told people to open their Windows shares to the world. NEVER OPEN these ports.

    I don't comment on much, but this is bad networking practice at its worst.
  • Anonymous wrote:
    > Try adding "fixup protocol pptp 1723" instead of all of the changes above.

    This is right on, works like a champ. This only works in PIX version 6.3.3 and up.

    The fixup now takes care of translating the GRE tunnel to a NATed internal IP.
  • There is a nice solution for Connecting a Cisco PIX to Windows Vista.
    Configure L2TP without certificates to seamlessly migrate from PPTP to L2TP.
    http://support.dmu.edu/VistaandCiscoPIXpptp/ind...
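
The comment above about ports 137-139 can be turned into a configuration check. The following is an added example, not code from the thread or from the original recipe: it reads PIX-style `access-list` lines and separates the rules PPTP needs (TCP 1723 and GRE) from rules that expose NetBIOS ports to any source. The ACL name, the addresses, and the simplified line grammar (no source-port operators) are assumptions made for the example.

```python
NAMED = {"netbios-ns": 137, "netbios-dgm": 138, "netbios-ssn": 139, "pptp": 1723}

# Constructed sample; the ACL name and documentation-range addresses are made up.
SAMPLE = """\
access-list acl_out permit tcp any host 192.0.2.10 eq 1723
access-list acl_out permit gre any host 192.0.2.10
access-list acl_out permit tcp any host 192.0.2.10 eq 139
access-list acl_out permit udp any host 192.0.2.10 range netbios-ns netbios-dgm
access-list acl_out permit tcp host 198.51.100.7 host 192.0.2.10 eq 139
access-list acl_out permit tcp any host 192.0.2.10 eq 80
"""

def _addr(tok):
    """Consume one address ('any', 'host A' or 'A MASK'); return (addr, rest)."""
    if tok[0] == "any":
        return "any", tok[1:]
    if tok[0] == "host":
        return tok[1], tok[2:]
    return tok[0] + "/" + tok[1], tok[2:]

def _span(proto, rest):
    """Destination port span (low, high), or None for port-less protocols."""
    if proto not in ("tcp", "udp", "ip"):
        return None
    num = lambda p: NAMED.get(p) or int(p)
    op = rest[0] if rest and proto != "ip" else None
    if op == "eq":
        return num(rest[1]), num(rest[1])
    if op == "range":
        return num(rest[1]), num(rest[2])
    return 0, 65535  # no operator, or one not modelled here: assume every port

def audit(config):
    """Sort 'permit ... any' rules into PPTP rules and NetBIOS exposures."""
    out = {"pptp": [], "netbios_exposed": []}
    for line in config.splitlines():
        tok = line.split()
        if len(tok) < 6 or tok[0] != "access-list" or tok[2] != "permit":
            continue
        src, rest = _addr(tok[4:])
        _dst, rest = _addr(rest)
        span = _span(tok[3], rest)
        if src != "any":
            continue  # only rules open to every source address
        if tok[3] == "gre" or (tok[3] == "tcp" and span == (1723, 1723)):
            out["pptp"].append(line.strip())
        elif span and span[0] <= 139 and span[1] >= 137:
            out["netbios_exposed"].append(line.strip())
    return out
```

Calling `audit(SAMPLE)` returns the two PPTP rules under `pptp` and the two NetBIOS rules under `netbios_exposed`; the rule restricted to a single source host and the port 80 rule are left out of both lists.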
