PPTP with PIX 501

Discussion in 'Cisco' started by Tim Mavers, Aug 8, 2004.

  1. Tim Mavers

    Tim Mavers Guest

    I have a Pix 501 firewall and am trying to connect my home PC (Behind the
    pix) to my company's VPN. The VPN works fine (as hundreds of people use
    it), but for some reason I cannot get any connection from my PC itself.

    I read through some of the Cisco help files on their web site, but I am
    still not exactly sure what I need to do (if anything) to my Pix so I can
    simply connect remotely. The example commands they gave (on their site)
    were incorrect. That is, at least for me. when I typed them in it would
    report some sort of error which seemed like a syntax thing.

    Does anyone have a simple way to configure the pix so I can connect out?
    Are there specific ports I need to have open?

    Thanks,
    Tim Mavers, Aug 8, 2004
    #1
    1. Advertising

  2. Tim Mavers

    Tim Mavers Guest

    "Tim Mavers" <> wrote in message
    news:...
    > I have a Pix 501 firewall and am trying to connect my home PC (Behind the
    > pix) to my company's VPN. The VPN works fine (as hundreds of people use
    > it), but for some reason I cannot get any connection from my PC itself.
    >
    > I read through some of the Cisco help files on their web site, but I am
    > still not exactly sure what I need to do (if anything) to my Pix so I can
    > simply connect remotely. The example commands they gave (on their site)
    > were incorrect. That is, at least for me. when I typed them in it would
    > report some sort of error which seemed like a syntax thing.
    >
    > Does anyone have a simple way to configure the pix so I can connect out?
    > Are there specific ports I need to have open?


    Just to give a little more information about my setup...

    Windows XP using MIcrosoft's connection with VPN
    Cix 501 (pretty much standard rules, I am using NAT)
    Corporate VPN server I believe is using a windows box for the VPN server

    I am not looking for anything fancy and am not that familar with the details
    of VPNs, but do I just need to allow certain inbound port access?
    Again, I am trying to establish an outbound connection (from my XP box to my
    company's VPN)...in other words, there isn't a VPN server behind my PIX.

    Thanks,
    Tim Mavers, Aug 8, 2004
    #2
    1. Advertising

  3. Tim Mavers

    PES Guest

    "Tim Mavers" <> wrote in message
    news:...
    > "Tim Mavers" <> wrote in message
    > news:...
    > > I have a Pix 501 firewall and am trying to connect my home PC (Behind

    the
    > > pix) to my company's VPN. The VPN works fine (as hundreds of people use
    > > it), but for some reason I cannot get any connection from my PC itself.
    > >
    > > I read through some of the Cisco help files on their web site, but I am
    > > still not exactly sure what I need to do (if anything) to my Pix so I

    can
    > > simply connect remotely. The example commands they gave (on their site)
    > > were incorrect. That is, at least for me. when I typed them in it

    would
    > > report some sort of error which seemed like a syntax thing.
    > >
    > > Does anyone have a simple way to configure the pix so I can connect out?
    > > Are there specific ports I need to have open?

    >
    > Just to give a little more information about my setup...
    >
    > Windows XP using MIcrosoft's connection with VPN
    > Cix 501 (pretty much standard rules, I am using NAT)
    > Corporate VPN server I believe is using a windows box for the VPN server
    >
    > I am not looking for anything fancy and am not that familar with the

    details
    > of VPNs, but do I just need to allow certain inbound port access?
    > Again, I am trying to establish an outbound connection (from my XP box to

    my
    > company's VPN)...in other words, there isn't a VPN server behind my PIX.
    >
    > Thanks,
    >


    If you are using a pix os 6.3 and MS pptp, you will probably want to
    configure the pptp fixup. From the global configuration mode type the
    following.

    fixup protocol pptp 1723

    If you are using a prior version you will have to have a static one to one
    mapping and statically permit gre.

    Take a look at
    http://www.cisco.com/warp/public/110/pix_pptp.html
    PES, Aug 8, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. driley
    Replies:
    0
    Views:
    499
    driley
    Apr 14, 2004
  2. Alex
    Replies:
    3
    Views:
    850
    Guest
    May 12, 2004
  3. Kai
    Replies:
    1
    Views:
    852
    Walter Roberson
    May 14, 2004
  4. Andrej

    PIX 501 and PPTP

    Andrej, Jul 31, 2004, in forum: Cisco
    Replies:
    0
    Views:
    461
    Andrej
    Jul 31, 2004
  5. Andre
    Replies:
    7
    Views:
    710
    Andre
    Feb 20, 2005
Loading...

Share This Page