
PIX PPTP and DMZ Access

Status: Not open for further replies.

kmkrause2 (IS-IT--Management), Sep 16, 2004, US
I have a PIX 515e running v.6.2(2) with Inside, Outside and DMZ interfaces. I've been able to get PPTP configured so that one of our users can connect from his Win2003 server running at home using the MS VPN client. I'm also testing using Win2k Pro and the MS VPN client. The problem is that while I can access the inside network for RDC/Terminal Services activity, I can't seem to gain access to the DMZ network. When I ping those computers, I get timeouts. I'm not sure if this is an ACL issue or perhaps I'm missing something in the config. My intention is to use the PIX as the endpoint, similar to the way I have the Cisco VPN client access configured.

Here's a copy of the SH Version command:

Cisco PIX Firewall Version 6.2(2)
Cisco PIX Device Manager Version 2.1(1)

Compiled on Fri 07-Jun-02 17:49 by morlee

DMST1 up 105 days 6 hours

Hardware: PIX-515, 32 MB RAM, CPU Pentium 200 MHz
Flash i28F640J5 @ 0x300, 16MB
BIOS Flash AT29C257 @ 0xfffd8000, 32KB

0: ethernet0: address is 0050.54ff.d444, irq 11
1: ethernet1: address is 0050.54ff.d445, irq 10
2: ethernet2: address is 0002.b3c1.75f7, irq 9
Licensed Features:
Failover: Disabled
VPN-DES: Enabled
VPN-3DES: Disabled
Maximum Interfaces: 3
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited

Serial Number: 480281589 (0x1ca083f5)
Running Activation Key: 0x6f815506 0x28802396 0x1b716767 0x42f843b1
Configuration last modified by enable_15 at 17:31:43.889 CST Wed Mar 23 2005

==========================================
And here's the config:

DMST1# sh run
: Saved
:
PIX Version 6.2(2)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security10
enable password 9bzkhMj1IvITf1s0 encrypted
passwd 9bzkhMj1IvITf1s0 encrypted
hostname DMST1
domain-name ciscopix.com
clock timezone CST -6
clock summer-time CDT recurring
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol ils 389
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
names
access-list acl_out permit tcp any host 12.2.168.154 eq ftp-data
access-list acl_out permit tcp any host 12.2.168.154 eq ftp
access-list acl_out permit tcp any host 12.2.168.154 eq 1967
access-list acl_out permit ip host 63.240.180.195 host 12.2.168.142
access-list acl_out permit tcp host 63.240.180.195 host 12.2.168.142 eq 500
access-list acl_out permit tcp host 63.240.180.195 host 12.2.168.142 eq ldap
access-list acl_out permit tcp host 63.240.180.195 host 12.2.168.142 eq 709
access-list acl_out permit tcp host 63.240.180.195 host 12.2.168.142 eq 5080
access-list acl_out permit tcp host 63.240.180.195 host 12.2.168.142 eq telnet
access-list acl_out permit tcp host 63.240.180.195 host 12.2.168.142 eq ftp
access-list acl_out permit tcp host 63.240.180.195 host 12.2.168.142 eq ftp-data

access-list acl_out permit ip any host 12.2.168.149
access-list 105 permit ip host 192.168.1.126 172.16.0.0 255.255.0.0
access-list 105 permit ip host 192.168.1.89 172.16.0.0 255.255.0.0
access-list 105 permit ip host 192.168.2.10 172.16.0.0 255.255.0.0
access-list dmz_inside permit ip 192.168.2.0 255.255.255.0 any
access-list dmz_inside permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
access-list dmz_inside permit ip host 192.168.1.5 host 192.168.2.10
pager lines 20
logging on
logging trap errors
logging host inside 192.168.1.24
interface ethernet0 auto
interface ethernet1 auto
interface ethernet2 100full
mtu outside 1500
mtu inside 1500
mtu dmz 1500
ip address outside 12.2.168.130 255.255.255.192
ip address inside 192.168.1.254 255.255.255.0
ip address dmz 192.168.2.254 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool bigpool 172.16.1.1-172.16.1.254
pdm location 192.168.2.10 255.255.255.255 dmz
pdm location 10.0.0.0 255.255.255.0 inside
pdm location 172.30.1.0 255.255.255.0 inside
pdm location 192.168.1.3 255.255.255.255 inside
pdm location 192.168.1.5 255.255.255.255 inside
pdm location 192.168.1.137 255.255.255.255 inside
pdm location 192.168.1.142 255.255.255.255 inside
pdm location 192.168.1.175 255.255.255.255 inside
pdm location 192.168.1.5 255.255.255.255 dmz
pdm location 192.168.1.0 255.255.255.0 dmz
pdm location 63.240.180.195 255.255.255.255 outside
pdm location 172.16.0.0 255.255.0.0 outside
pdm location 192.168.1.24 255.255.255.255 inside
pdm location 192.168.1.89 255.255.255.255 inside
pdm location 192.168.1.126 255.255.255.255 inside
pdm logging errors 100
pdm history enable
arp timeout 14400
global (outside) 1 12.2.168.131 netmask 255.255.255.192
global (dmz) 1 192.168.2.252 netmask 255.255.255.0
nat (inside) 0 access-list 105
nat (inside) 1 192.168.1.0 255.255.255.0 0 0
nat (dmz) 0 access-list 105
nat (dmz) 1 192.168.2.0 255.255.255.0 0 0
static (inside,outside) 12.2.168.154 192.168.1.3 netmask 255.255.255.255 0 0
static (dmz,inside) 192.168.2.10 192.168.2.10 netmask 255.255.255.255 0 0
static (inside,dmz) 192.168.1.5 192.168.1.5 netmask 255.255.255.255 0 0
static (inside,outside) 12.2.168.175 192.168.1.175 netmask 255.255.255.255 0 0
static (inside,outside) 12.2.168.142 192.168.1.142 netmask 255.255.255.255 0 0
access-group acl_out in interface outside
access-group dmz_inside in interface dmz
route outside 0.0.0.0 0.0.0.0 12.2.168.129 1
route inside 10.0.0.0 255.255.255.0 192.168.1.253 1
route inside 172.30.1.0 255.255.255.0 192.168.1.253 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
http server enable
http 192.168.1.137 255.255.255.255 inside
snmp-server location DMSATT_T1
no snmp-server contact
snmp-server community PMOL-DMS
snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
sysopt connection permit-pptp
sysopt ipsec pl-compatible
no sysopt route dnat
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto dynamic-map dynmap 10 set transform-set myset
crypto map mymap 10 ipsec-isakmp dynamic dynmap
crypto map mymap client configuration address initiate
crypto map mymap client configuration address respond
crypto map mymap interface outside
isakmp enable outside
isakmp key ******** address 0.0.0.0 netmask 0.0.0.0
isakmp identity address
isakmp client configuration address-pool local bigpool outside
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
vpngroup DMSVPN address-pool bigpool
vpngroup DMSVPN dns-server 192.168.1.75
vpngroup DMSVPN wins-server 192.168.1.75
vpngroup DMSVPN default-domain dmsmain.com
vpngroup DMSVPN split-tunnel 105
vpngroup DMSVPN idle-time 1800
vpngroup DMSVPN password ********
telnet 192.168.1.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
vpdn group MSVPN accept dialin pptp
vpdn group MSVPN ppp authentication mschap
vpdn group MSVPN ppp encryption mppe 40
vpdn group MSVPN client configuration address local bigpool
vpdn group MSVPN client configuration dns 192.168.1.75 192.168.1.76
vpdn group MSVPN client configuration wins 192.168.1.75 192.168.1.76
vpdn group MSVPN pptp echo 60
vpdn group MSVPN client authentication local
vpdn username kkadmin password *********
vpdn enable outside
vpdn enable dmz
terminal width 80


Thanks for any help offered,
Ken
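On a PIX 6.x the PPTP clients arrive on the outside interface with a bigpool address, and a host on a higher-security interface such as the DMZ is reachable from there only through a static or a nat 0 exemption. The script below is an added example (not from the post or any reply) that parses the relevant lines of the config above and reports which hosts the nat 0 ACL 105 exempts toward the pool on a given interface; 192.168.2.20 used in the check is a constructed DMZ host, not one from the post.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed excerpt of the post's config: ACL 105, interface addresses, pool, nat 0.
PIX_CONFIG = """\
access-list 105 permit ip host 192.168.1.126 172.16.0.0 255.255.0.0
access-list 105 permit ip host 192.168.1.89 172.16.0.0 255.255.0.0
access-list 105 permit ip host 192.168.2.10 172.16.0.0 255.255.0.0
ip address inside 192.168.1.254 255.255.255.0
ip address dmz 192.168.2.254 255.255.255.0
ip local pool bigpool 172.16.1.1-172.16.1.254
nat (inside) 0 access-list 105
nat (dmz) 0 access-list 105
"""

ACL_RE = re.compile(r"^access-list (\S+) permit ip host (\S+) (\S+) (\S+)$")
IFACE_RE = re.compile(r"^ip address (\w+) (\S+) (\S+)$")
POOL_RE = re.compile(r"^ip local pool (\S+) (\S+)-(\S+)$")
NAT0_RE = re.compile(r"^nat \((\w+)\) 0 access-list (\S+)$")

def parse_pix(config):
    """Collect ACL host entries, interface subnets, pools and nat 0 bindings.
    Only 'permit ip host A NET MASK' entries (ACL 105's shape) are understood."""
    acls, ifaces, pools, nat0 = {}, {}, {}, {}
    for line in config.splitlines():
        if m := ACL_RE.match(line):
            name, host, net, mask = m.groups()
            acls.setdefault(name, []).append((ip_address(host), ip_network(f"{net}/{mask}")))
        elif m := IFACE_RE.match(line):
            name, addr, mask = m.groups()
            ifaces[name] = ip_network(f"{addr}/{mask}", strict=False)
        elif m := POOL_RE.match(line):
            name, first, last = m.groups()
            pools[name] = (ip_address(first), ip_address(last))
        elif m := NAT0_RE.match(line):
            iface, acl = m.groups()
            nat0[iface] = acl
    return acls, ifaces, pools, nat0

def exempt_hosts(config, iface, pool):
    """Hosts on `iface` whose nat 0 ACL entry covers the whole VPN pool."""
    acls, ifaces, pools, nat0 = parse_pix(config)
    first, last = pools[pool]
    return sorted(str(h) for h, net in acls.get(nat0.get(iface, ""), [])
                  if h in ifaces[iface] and first in net and last in net)

def check_hosts(config, iface, pool, hosts):
    """Map each candidate host to whether pool traffic has a nat 0 path to it."""
    covered = set(exempt_hosts(config, iface, pool))
    return {h: h in covered for h in hosts}
```

On the config above it reports only 192.168.2.10 as exempted on the dmz interface, which is the first thing to compare against the DMZ hosts that time out before looking at the dmz_inside ACL.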
 