PPTP with PIX 501

Discussion in 'Cisco' started by Tim Mavers, Aug 8, 2004.

    I have a Pix 501 firewall and am trying to connect my home PC (Behind the
    pix) to my company's VPN. The VPN works fine (as hundreds of people use
    it), but for some reason I cannot get any connection from my PC itself.

    I read through some of the Cisco help files on their web site, but I am
    still not exactly sure what I need to do (if anything) to my Pix so I can
    simply connect remotely. The example commands they gave (on their site)
    were incorrect. That is, at least for me. when I typed them in it would
    report some sort of error which seemed like a syntax thing.

    Does anyone have a simple way to configure the pix so I can connect out?
    Are there specific ports I need to have open?

    Tim Mavers, Aug 8, 2004
    Just to give a little more information about my setup...

    Windows XP using MIcrosoft's connection with VPN
    Cix 501 (pretty much standard rules, I am using NAT)
    Corporate VPN server I believe is using a windows box for the VPN server

    I am not looking for anything fancy and am not that familar with the details
    of VPNs, but do I just need to allow certain inbound port access?
    Again, I am trying to establish an outbound connection (from my XP box to my
    company's VPN)...in other words, there isn't a VPN server behind my PIX.

    Tim Mavers, Aug 8, 2004
    If you are using a pix os 6.3 and MS pptp, you will probably want to
    configure the pptp fixup. From the global configuration mode type the

    fixup protocol pptp 1723

    If you are using a prior version you will have to have a static one to one
    mapping and statically permit gre.

    Take a look at
    PES, Aug 8, 2004
