http://tech-recipes.disqus.com/Cookbook of Tech TutorialsenThu, 11 Jan 2007 08:58:12 -0000http://www.tech-recipes.com/rx/382/pptp-point-to-point-tunneling-protocol-through-pix-firewall/#comment-2767415There is a nice solution for Connecting a Cisco PIX to Windows Vista.<br>Configure L2TP without certificates to seamlessly migrate from PPTP to L2TP.<br><a href="http://support.dmu.edu/VistaandCiscoPIXpptp/index.html" rel="nofollow">http://support.dmu.edu/VistaandCiscoPIXpptp/ind...</a>AnonymousThu, 11 Jan 2007 08:58:12 -0000http://www.tech-recipes.com/rx/382/pptp-point-to-point-tunneling-protocol-through-pix-firewall/#comment-2767414&lt;ul id="quote"&gt;&lt;h6&gt;Anonymous wrote:&lt;/h6&gt;Try adding "fixup protocol pptp 1723" instead of all of the changes above.&lt;/ul&gt;<br><br>This is right on, works like a champ. This only works in PIX version 6.3.3 and up.<br><br>The fixup now takes care of translating the GRE tunnel to a natted internal ip.AnonymousMon, 28 Mar 2005 02:53:40 -0000http://www.tech-recipes.com/rx/382/pptp-point-to-point-tunneling-protocol-through-pix-firewall/#comment-2767413you need to check your recipe! you should never open port 137,138,139 to any machine from the internet. <br><br>PPTP uses TCP 1723 and GRE (protocol 47) <br><br>ports 137-139 are opening HUGE HOLES in your network security. Especially if it is to a Microsoft server, esentialy you have told people to open their windows shares to the World. NEVER OPEN these ports.<br><br> I don't coment on much but this is bad networking practices at their worst.koTue, 07 Dec 2004 09:35:15 -0000http://www.tech-recipes.com/rx/382/pptp-point-to-point-tunneling-protocol-through-pix-firewall/#comment-2767412Try adding "fixup protocol pptp 1723" instead of all of the changes above.AnonymousTue, 23 Nov 2004 09:21:07 -0000http://www.tech-recipes.com/rx/382/pptp-point-to-point-tunneling-protocol-through-pix-firewall/#comment-2767411I've got a same problem... If I delete the static rule, all other computers have an Internet access otherwise not :? :cry:AnonymousTue, 24 Aug 2004 21:15:38 -0000http://www.tech-recipes.com/rx/382/pptp-point-to-point-tunneling-protocol-through-pix-firewall/#comment-2767410ok I'm a newbie when it comes to setting up this pix. When I add that static statement and the other access-list commands I can get into the network via vpn just fine, but all the computers on the inside network lose internet access. I took out the access-list and still had the same problem so I'm pretty sure it's caused by that static entry. Can anyone tell me what I'm doing wrong?FluffyWed, 12 May 2004 04:15:16 -0000