Re: PC behind PIX515 to Win2K VPN

Discussion in 'Cisco' started by jif, Apr 1, 2004.

  1. jif

    jif Guest

    Are you using the "sysopt connection permit-ipsec" command? This command opens up all VPN required ports. If you are not using this, you need to ensure that you are allowing protocols 50 and 51 (ESP and AH) and UDP/TCP port 500 for IKE.


    "R. Bressers" <> wrote in message news:406aec07$0$33076$...
    > Hi steve,
    >
    > You propably need a newer PIX OS version (6.3(3) will do) to do PPTP
    > passthrough.
    >
    > After installing the new PIX OS, you can enable PPTP passthrough with :
    > fixup protocol pptp 1723
    >
    > regards,
    >
    > Remco Bressers
    >
    >
    >
    > Steve Birchfield wrote:
    > > I work at a company where we have a PIX 515. All ports are open from
    > > the inside but very limited access into our network from the outside.
    > > However, when I try accessing a clients Win2K VPN server from here I
    > > cannot connect. It goes to verifying username and password and stops
    > > with an error saying Error 721 - The remote computer did not respond.
    > > Though I can get in from anywhere else fine. I have verified my
    > > username and password. I tried another client as well using the same
    > > setup and I get the same results. Are there ports I need to open or
    > > settings that need to be configured on the PIX to allow VPN to work
    > > through it?
    jif, Apr 1, 2004
    #1
    1. Advertising

  2. jif

    R. Bressers Guest

    I guess if he's using the Win2K VPN server, he uses PPTP, so sysopt
    connection permit-pptp would be better in this case.

    Remco.


    jif wrote:
    > Are you using the "sysopt connection permit-ipsec" command? This command opens up all VPN required ports. If you are not using this, you need to ensure that you are allowing protocols 50 and 51 (ESP and AH) and UDP/TCP port 500 for IKE.
    >
    >
    > "R. Bressers" <> wrote in message news:406aec07$0$33076$...
    >
    >>Hi steve,
    >>
    >>You propably need a newer PIX OS version (6.3(3) will do) to do PPTP
    >>passthrough.
    >>
    >>After installing the new PIX OS, you can enable PPTP passthrough with :
    >>fixup protocol pptp 1723
    >>
    >>regards,
    >>
    >>Remco Bressers
    >>
    >>
    >>
    >>Steve Birchfield wrote:
    >>
    >>>I work at a company where we have a PIX 515. All ports are open from
    >>>the inside but very limited access into our network from the outside.
    >>>However, when I try accessing a clients Win2K VPN server from here I
    >>>cannot connect. It goes to verifying username and password and stops
    >>>with an error saying Error 721 - The remote computer did not respond.
    >>>Though I can get in from anywhere else fine. I have verified my
    >>>username and password. I tried another client as well using the same
    >>>setup and I get the same results. Are there ports I need to open or
    >>>settings that need to be configured on the PIX to allow VPN to work
    >>>through it?

    >
    >
    R. Bressers, Apr 1, 2004
    #2
    1. Advertising

  3. We are running 6.3 on the PIX. I will try that and let you know.

    Thanks,

    Steve

    "R. Bressers" <> wrote in message news:<406bc721$0$33066$>...
    > I guess if he's using the Win2K VPN server, he uses PPTP, so sysopt
    > connection permit-pptp would be better in this case.
    >
    > Remco.
    >
    >
    > jif wrote:
    > > Are you using the "sysopt connection permit-ipsec" command? This command opens up all VPN required ports. If you are not using this, you need to ensure that you are allowing protocols 50 and 51 (ESP and AH) and UDP/TCP port 500 for IKE.
    > >
    > >
    > > "R. Bressers" <> wrote in message news:406aec07$0$33076$...
    > >
    > >>Hi steve,
    > >>
    > >>You propably need a newer PIX OS version (6.3(3) will do) to do PPTP
    > >>passthrough.
    > >>
    > >>After installing the new PIX OS, you can enable PPTP passthrough with :
    > >>fixup protocol pptp 1723
    > >>
    > >>regards,
    > >>
    > >>Remco Bressers
    > >>
    > >>
    > >>
    > >>Steve Birchfield wrote:
    > >>
    > >>>I work at a company where we have a PIX 515. All ports are open from
    > >>>the inside but very limited access into our network from the outside.
    > >>>However, when I try accessing a clients Win2K VPN server from here I
    > >>>cannot connect. It goes to verifying username and password and stops
    > >>>with an error saying Error 721 - The remote computer did not respond.
    > >>>Though I can get in from anywhere else fine. I have verified my
    > >>>username and password. I tried another client as well using the same
    > >>>setup and I get the same results. Are there ports I need to open or
    > >>>settings that need to be configured on the PIX to allow VPN to work
    > >>>through it?

    > >
    > >
    Steve Birchfield, Apr 1, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Andrea

    Need help with Pix515 VPN

    Andrea, Jan 12, 2004, in forum: Cisco
    Replies:
    0
    Views:
    1,689
    Andrea
    Jan 12, 2004
  2. Eldridge
    Replies:
    1
    Views:
    393
    Walter Roberson
    Feb 2, 2004
  3. Ueli

    PPTP VPN through PIX515

    Ueli, Jan 25, 2006, in forum: Cisco
    Replies:
    0
    Views:
    657
  4. AJ
    Replies:
    1
    Views:
    528
    Walter Roberson
    Apr 11, 2006
  5. dominsz
    Replies:
    0
    Views:
    1,593
    dominsz
    Jun 21, 2006
Loading...

Share This Page