PIX and PPTP [7:32593]
We are using a PIX 520, running PIX Version 4.4(8). I have opened tcp/udp port 1723 for our outside office members to connect to our W2K VPN Server. I can get the intial connect (shown in the SH CONN command), but it never finsihes the final handshake. Any problems with this verison of the PIX IOS not allowing PP2P connection thru? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32593t=32593 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX and PPTP [7:32593]
Man am I having trouble finding time to keep up with the postings. You need to permit GRE through as well. PPTP consists of a tcp control session and a GRE data channel. This way loss on the underlying transport directly affects the data path rather than having the messy tcp over tcp interactions when the network is pretty lossy or an LFN. Darrell Chris Headings wrote: We are using a PIX 520, running PIX Version 4.4(8). I have opened tcp/udp port 1723 for our outside office members to connect to our W2K VPN Server. I can get the intial connect (shown in the SH CONN command), but it never finsihes the final handshake. Any problems with this verison of the PIX IOS not allowing PP2P connection thru? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32594t=32593 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX and PPTP [7:32593]
conduit permit gre host 1.1.1.1 any replace 1.1.1.1 with your outside IP of your VPN server -Original Message- From: Chris Headings [mailto:[EMAIL PROTECTED]] Sent: Saturday, January 19, 2002 4:10 PM To: [EMAIL PROTECTED] Subject: PIX and PPTP [7:32593] We are using a PIX 520, running PIX Version 4.4(8). I have opened tcp/udp port 1723 for our outside office members to connect to our W2K VPN Server. I can get the intial connect (shown in the SH CONN command), but it never finsihes the final handshake. Any problems with this verison of the PIX IOS not allowing PP2P connection thru? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32595t=32593 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX and PPTP [7:32593]
OK...I tried allowing GRE (47) thru. However the remote workstation still shows an established connection (via netstat -n on the workstation), but adding 47 as a conduit permit in the PIX did not fix the problem... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32596t=32593 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX and PPTP [7:32593]
GREAT/ Thanks it worked. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32597t=32593 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
