Re: Should be easy VPN

Wed, 18 Oct 2000 20:33:14 -0700 

did you create an access-list and specify the pptp addresses no be NATed as the packets
leave the pix?

Assuming the pool is 10.10.20.1-10.10.20.254 and the internal address are
10.10.10.1-10.10.10.254

access-list 100 permit ip 10.10.10.0 255.255.255.0 10.10.20.0 255.255.255.0 this will
specify the address that you will not NAT

nat (inside) 0 access-list 100 tells the pix no to NAT the address in access-list 100.

here is a link to Cisco's PPTP sample PIX config.

http://www.cisco.com/warp/public/110/pptppix.html

hope this helps.

Todd
CCNP/CCDP


"Parris, Brian" wrote:

>         I am using a PIX for a VPN Solution in my SOHO.  I am using PPTP
> because that is the easy way out.  After a lengthy struggle, I can finally
> take a Windows NT laptop and dial into an ISP and then use RAS to connect
> and authenticate on my PIX via PPTP.
>
>         My PIX issues my laptop an IP address from the local pool.  My local
> pool is issuing a portion of addresses that I have omitted from DHCP on my
> LAN.  When I do an IPCONFIG on my laptop I can see the IP address issued
> from the ISP and the IP address issued from the PIX.
>
>         Here's the problem:  I can't ping anything on my LAN including my
> "Inside" port from my laptop.  When I telnet from my LAN into my PIX, I
> can't ping my laptop,  But I can ping the address on the laptop that was
> issued by the ISP.  When I do a "show vpdn", I see an active tunnel but the
> only IP address I see is the one on the laptop from the ISP.
>
> Can anybody explain to me why the PIX would not be routing the IP address
> that it issued to the laptop across the inside and outside ports.
>
> TIA,
> Brian Parris
> Network/Systems Administrator
> www.carotek.com
>
> _________________________________
> FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to