Recently took on a new client that has a Cisco ASA and needed to get a PPTP server running behind the firewall.  Configuring this isn’t easily done in the ASDM GUI; you must use the command line interface, either directly or via the ASDM under Tools, Command Line Interface.  Here are the commands you’ll need to enter to get it working in your environment:

access-list out-in extended permit gre any host <public ip address>
access-list out-in extended permit tcp any host <public ip address> eq pptp
static (inside,outside) gre interface <server LAN address> gre netmask 255.255.255.255
static (inside,outside) tcp interface 1723 <server LAN address> pptp netmask 255.255.255.255
policy-map global_policy
 class inspection_default
  inspect pptp


Replace <public ip address> with your public IP and <server LAN address> with the LAN address of your PPTP server.  Got it working for me, but YMMV.  I don’t know much about IOS as I’m primarily a Sonicwall guy.
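
An added example, not part of the original post: a small Python check that scans a saved ASA configuration for the PPTP permits shown above (GRE and TCP 1723), reports whether each one accepts traffic from `any`, and confirms that `inspect pptp` is present. The function names and the sample configuration, including its documentation-range addresses, are constructed for illustration.

```python
import re

# Constructed sample: the post's commands with documentation addresses filled in,
# plus one unrelated rule that the audit should ignore.
SAMPLE_CONFIG = """\
access-list out-in extended permit gre any host 203.0.113.10
access-list out-in extended permit tcp any host 203.0.113.10 eq pptp
access-list out-in extended permit tcp host 198.51.100.7 host 203.0.113.10 eq 3389
policy-map global_policy
 class inspection_default
  inspect pptp
"""

def _take_addr(tokens):
    """Consume one address spec: 'any', 'host A.B.C.D', or a two-token form
    such as 'A.B.C.D MASK' or 'object-group NAME'."""
    if tokens[0] == "any":
        return "any", tokens[1:]
    if tokens[0] == "host":
        return tokens[1], tokens[2:]
    return f"{tokens[0]} {tokens[1]}", tokens[2:]

def audit_pptp(config_text):
    """Return the PPTP-related permit rules and whether 'inspect pptp' is set."""
    lines = [l.strip() for l in config_text.splitlines()]
    rules = []
    for line in lines:
        m = re.match(r"access-list (\S+) extended permit (\S+) (.+)", line)
        if not m:
            continue
        acl, proto, rest = m.group(1), m.group(2), m.group(3).split()
        src, rest = _take_addr(rest)
        dst, rest = _take_addr(rest)
        # PPTP control channel is TCP 1723 ('pptp' is the ASA port keyword).
        is_control = proto == "tcp" and rest[:2] in (["eq", "pptp"], ["eq", "1723"])
        if proto == "gre" or is_control:
            rules.append({"acl": acl, "proto": proto, "src": src, "dst": dst,
                          "open_to_any": src == "any"})
    return {"rules": rules, "inspect_pptp": "inspect pptp" in lines}

if __name__ == "__main__":
    report = audit_pptp(SAMPLE_CONFIG)
    for r in report["rules"]:
        flag = "source is any" if r["open_to_any"] else "source restricted"
        print(f'{r["acl"]}: {r["proto"]} {r["src"]} -> {r["dst"]} ({flag})')
    print("inspect pptp configured:", report["inspect_pptp"])
```

A rule reported as "source is any" is a candidate for narrowing to the address ranges your remote users actually connect from.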
