Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Shaun E on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

CISCO PIX 506E - VPN only works when on same public subnet 1

Status
Not open for further replies.
etaketa

etaketa

Technical User
May 4, 2005
43
US
I have a cisco pix 506E and I ran through the VPN wizard for PPTP with the username and password database the pix has built in.

We have a T-1 Line and it has a bunch of public ip addresses, so i setup the pix outside interface as xx.233.191.98

OK, so if i configure my laptop with a static ip address of xx.233.191.99, then i can vpn in fine and access all resources.

However if i go home and use my comcast cable connection i have an ip address of like 24.111.222.2 (example) I try to run the vpn and it just stalls trying to connect and then times out. Ive tried other locations and it stalls also.

It seems that the vpn will only connect when i am using one of the other public ip addresses in the same subnet on the T-1 line that the pix is a part of.



can anyone help?
 
Sort by date Sort by votes
More likely is it that your connection at home does not allow tcp/1723 and GRE (prot 47).

However, you should check that your pix can actually get to the internet.


Network Systems Engineer
CCNA/CQS/CCSP/Infosec
 
Upvote 0 Downvote
One other thing to note. I was able to get the VPN to connect, but now I can't access any resources. In order to get the VPN to connect I had to list my ip address from home as an outside host and then define a static route from my IP address to the outside address of the pix interface.. like i said i can now connect but i cant get to any resources. please help
 
Upvote 0 Downvote
All i can say is change to a cisco vpn client and all your problems will go away :)


Network Systems Engineer
CCNA/CQS/CCSP/Infosec
 
Upvote 0 Downvote
i have the same exact problem with the cisco vpn client. so something else is the cause. please help dopehead
 
Upvote 0 Downvote
I finally figured out why the vpn wasn't working, its because i had to apply a fixup. fixup protocol pptp 1723
now i can connect fine. i also unchecked the use default gateway check mark on the vpn connection under advanced tcp properties and now i can surf the net and access network resources at the same time.
 
Upvote 0 Downvote
just quick note, if your firewall is cofigured for PPTP your cisco client would never have worked.


Network Systems Engineer
CCNA/CQS/CCSP/Infosec
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
1K
Sameer258
Sameer258
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
883
intel233
intel233
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
312
WhosYourDiffie
WhosYourDiffie
MottoK
  • Locked
  • Question
Cisco ISE blank GUI
Replies
0
Views
647
MottoK
MottoK
PauS0n
  • Locked
  • Question
Need Help On Cisco ASA 5512 Running Version 9
Replies
0
Views
336
PauS0n
PauS0n

Part and Inventory Search

Sponsor

Back
Top