I am posting here because I believe my problem is at the PIX and something
about NAT!
I was called by a client to troubleshoot this problem:
remote user (DUN/PPTP VPN)----Internet---Cisco router----PIX
firewall----PPTPserver(NT 4.0 sp4) with VPN.(in a secure network)
If I setup netbios on the VPN client (and PPTP/RAS server), users can
connect and authenticate and do whatever they can/allowed.
If I use TCP/IP, users can connect but can not authenticate. If I look at
the client's TCP/IP setting (NT w/s) with ipconfig the NDISWANx (or
whatever) gives me an IP address with the default gateway equals to its own
IP address (ras client should get all the config from the RAS server (RAS is
setup to allow the RAS clients to get config. info from the DHCP server). So
bottom line is I can not ping inside the secure network. But I can ping the
public IP address of the PPTP server (So that would be the address before
the PIX does NAT, right??). So what is going on at the cisco routers or
PIX. I did not look at the router and PIX config, YET. The client is
supposed to have experts who manage those things, he called me because in
the past I always fixed his problems. He confirmed with me that GRE packets
and tcp port 1723 are allowed/opened.
Any ideas?
Jean
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
