I think it's working the way it should. THe MS client is very non-intelligent, compared to the Cisco client. I don't believe you can define for an MS client the concept of split tunneling, at least not from the PIX or router itself. You can do it from the client, after the VPN session is established. If you do a 'route print' from the Windoze box, you'll see an additional entry for the default network using the VPN adaptor, with a better metric. You can manually delete that entry, and add in any that you need with another route statement (such as saying all 172.16.0.0/12 routes should use the VPN interface). You don't have any odd configuration, such as your PIX giving out addresses in the same range as what's local to the PC? That could cause some oddities as well. But honestly, you're much better off using the Cisco client, from a security and a feature standpoint. I haven't worked with PPTP in a couple years, but I think I rememeber all the faults pretty well.
Chuck -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lyndon Tiu Sent: Monday, September 24, 2007 7:18 AM To: [EMAIL PROTECTED] Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] PIX 515E PPTP VPN Routing? I did this (it is checked by default) and I got 0.0.0.0 as the default gateway. But it does not matter either ways. I still could not do anything. Cannot ping/ssh/telnet/http to any other computer on the local LAN. No internet connection (to the outside world) either. Any more suggestions? On Mon, 24 Sep 2007 13:34:12 0800 [EMAIL PROTECTED] wrote: > on your windows client go to properties - networking - tcp/ip - advanced > > and check the box - Use default gateway on remote network > > regards, > > Lyndon Tiu wrote: > > Hi guys, > > > > I have a PIX 515E. > > > > I setup the PIX as a PPTP VPN server accepting PPTP connections from the > > outside. I have a Windows XP client on the outside connecting to the > > internal network using the PIX as the PPTP server. > > > > I followed instructions setting up the VPN and the Windows client is > > able to connect to the PIX and obtain an ip from the ip pool. > > > > Problem is, the Windows client is unable to do anything after this. It > > cannot ping any other machines on the network. > > > > I believe this is a routing issue. Can someone on this list confirm if > > routing is something I have to do separate from the VPN configuration? > > > > Ipconfig says that a default gateway is not assigned to the Windows > > client by the PIX through the PPTP VPN. Route /print shows no routes > > added by the PPTP. I do not see any PPTP VPN configuration that allows > > me to setup routes. > > > > > > > -- Lyndon Tiu _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/