yeeeesh! now hanging my head in shame in accordance with Jon's wishes :(
-----Original Message-----
From: Jon Carnes [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 01, 2005 10:54 PM
To: Triangle Linux Users Group discussion list
Subject: Re: [TriLUG] Cisco PIX 515

In a word Steve, you are hosed.

Do yourself a favor and spend $60 on a Linksys firewall - put that in parallel with your Pix and never tell your boss...

Seriously, do you have an old spare computer laying around that works but is too old to be a workstation? If yes, you are in luck. Install OpenBSD on that sucker and then simply follow the examples (in the man pages) for allowing PPTP to pass through. OpenBSD is a real firewall and far superior to any PIX.

I love Cisco. I hate the PIX. It's a piece of garbage and I wish folks would use them for something more appropriate like a door-stop or small boat anchor. Even a low end PIX costs as much as a nice PC, and you have to contend with <gasp> user licensing....

I would hang my head in shame if I ever owned a PIX firewall.

And that is the straight dope from,
Jon Carnes

On Tue, 2005-03-01 at 17:00, Steve Hoffman wrote:
> I have a cisco PIX 515 firewall running OS 6.0. I'm trying to get it
> to allow PPTP pass through, but am coming up empty. I'm connecting to
> a Windows VPN which I can't change, although I was first trying to
> connect with pptpclient for linux so this is On Topic! That kept
> failing so I tried to connect from a win box and got the same results.
> I'm almost positive the PIX is to blame as there is no error on the
> VPN server (in fact, no indication a connection was even made) but I
> am able to connect fine from inside the network using the same
> pptpclient config on a different machine, but that's pretty much
> useless to me as I want to connect from home.
>
> Does anyone know how to configure that? From all I've read on the
> net, I need a newer version of the OS, but haven't been able to find
> it anywhere. I'm hoping someone just knows how to enable the
> passthrough as trying to purchase OS upgrades from Cisco has always
> been a nightmare. I've opened up port 1723 on the pix and can telnet
> to it fine, not that I know what to type once I get to the prompt.
>
> Any suggestions welcome and greatly appreciated!
>
>
> Thanks,
> Steve

--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
