VpN

[naingtan]

I just setup my pix 515(ver 6.1) as vpn server with the folloing config:

access-list 101 permit ip 10.10.10.0 255.255.255.0 192.168.1.0 255.255.255.0
ip local pool xxxxx_vpn_group_pptp-pool 192.168.1.1-192.168.1.50
nat (inside) 0 access-list 101
sysopt connection permit-pptp

vpdn group xxxxx_vpn_group_vpn_group accept dialin pptp
vpdn group xxxxx_vpn_group_vpn_group ppp authentication pap
vpdn group xxxxx_vpn_group_vpn_group ppp authentication chap
vpdn group xxxxx_vpn_group_vpn_group ppp authentication mschap
vpdn group xxxxx_vpn_group_vpn_group client configuration address local xxxxx_vpn_group_pptp-pool
vpdn group xxxxx_vpn_group_vpn_group client authentication local
vpdn username cisco password cisco
vpdn enable outside

And my network diagram as follows;

outside
|
|
dmz-->PIx--router--private(two subnet is different ip addr assign than ip pool in pix.

When i connect to outside ip as cisco user name and cisco password using windows pptp client , i got the following error message: "username and/or password is invalid on the domain".

Do i miss something?

regards,
naingtan

 

[yizhar]

HI.

What is the Windows OS?
Try with both Win98 and Win2K.
If the windows workstations is 98 and is configured with "logon to domain", then try to add this command at the pix:

vpdn username DOMAINNAME\cisco password cisco

Post here more details if needed, including version info, and the exact error message.
You can also search this forum for previous related messages.

Bye
Yizhar Hurwitz

http://come.to/yizhar

http://teachers.sivan.co.il/yizhar