sysopt connection permit-ipsec
http://www.cisco.com/en/US/products/...801e71c0.shtml
HTH
"Hank Zoeller" <> wrote in message
news:43ecdda0$0$3515$...
> I'm trying to get a VPN running using a PIX 501.
>
> I can connect and authenticate fine. When I try to map a drive, I see the
> following in the PIX log:
> No translation group found for tcp src outside:192.168.200.2/1075 dst
> inside:192.168.0.250/139
>
> I'm surprised to see the 192.168.200.2 address. That is the private
> internal address of the outside machine on it's remote LAN. But I thought
> I'd see the ip address assigned to it from the PIX VPN pool which is
> 192.168.4.1.
>
> My current config:
> ...
> access-list inside_outbound_nat0_acl permit ip 192.168.0.0 255.255.255.0
> 192.168.4.0 255.255.255.0
> ...
> nat (inside) 0 access-list inside_outbound_nat0_acl
> nat (inside) 1 0.0.0.0 0.0.0.0 0 0
> ...
> ip local pool vpn_users 192.168.4.1-192.168.4.254
> ...
> sysopt connection permit-pptp
> ...
> vpdn group PPTP-VPDN-GROUP accept dialin pptp
> vpdn group PPTP-VPDN-GROUP ppp authentication pap
> vpdn group PPTP-VPDN-GROUP ppp authentication chap
> vpdn group PPTP-VPDN-GROUP ppp authentication mschap
> vpdn group PPTP-VPDN-GROUP ppp encryption mppe auto
> vpdn group PPTP-VPDN-GROUP client configuration address local vpn_users
> vpdn group PPTP-VPDN-GROUP pptp echo 60
> vpdn group PPTP-VPDN-GROUP client authentication local
> vpdn enable outside
> ...
>
> Thanks for any help offered.
> --
> HZ
Similar Threads
