[pix] vpdn enable dmz

Hi,

How can i enable PPTP on the DMZ interface on a PIX?
I tried 'vpdn enable dmz' together with 'sysopt connection permit-pptp',
but it won't work (telnetting to port 1723 times out).
I also have vpdn enabled on the outside interface and it works
perfectly, but if i also enable it on the DMZ interface, only outside
works and DMZ doesn't do a thing.

Thanks,

Remco Bressers

 

:How can i enable PPTP on the DMZ interface on a PIX?
:I tried 'vpdn enable dmz' together with 'sysopt connection permit-pptp',
:but it won't work (telnetting to port 1723 times out).
:I also have vpdn enabled on the outside interface and it works
erfectly, but if i also enable it on the DMZ interface, only outside
:works and DMZ doesn't do a thing.

Ah, I *knew* I'd seen this somewhere!

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/tz.htm#wp1083965


PPTP is an alternative to IPSec handling for VPN clients or
Easy VPN Remote devices. While PPTP is less secure than IPSec,
PPTP is easier to implement and maintain. Only inbound PPTP
connections are supported and only one PIX Firewall interface
can have the vpdn command enabled.

Notice that last phrase.