PPTP on Cisco ASA or PIX 6.3 or later code

Posted March 19, 2007 by Al Banks in Cisco firewall

In PIX 6.3 and later, support for PPTP through the PIX has been added.

Before version 6.3, a PIX needed to be configured to allow the GRE tunnel back from a PPTP server.

As of version 6.3, the firewall merely needs:

fixup protocol pptp 1723

Prior to 6.3, the following was needed:

static (inside,outside) outside_ip inside_ip netmask

access-list pptp-acl permit gre host remote_pptp_server_ip host outside_ip

access-group pptp-acl in interface outside

The Cisco document: http://www.cisco.com/warp/public/110/pix_pptp.html

The Conversation

Follow the reactions below and share your own thoughts.

Leave a Reply