Allow PPTP pass through

Hi all,
I have a Pix 515e version 6.1(5) I need to let PPTP pass through, is there any special configuration I have to do?
I have already enabled the pptp on the ACLs.
Thanks.

Hi,
If you have a device in the LAN to which you connect then I think you will need to configure Static NAT for that device to give it a public IP address. There is also a "inspect pptp" configuration.
The software on your firewall is so old that I am not sure what the configuration format is though. I think in the older softwares the above "inspect" command was actually "fixup pptp"
I would suggest looking at replacing your current firewall. The current software level is very very old.
- Jouni

Similar Messages

  • IPSec Pass Through on ASA

    I have a third party firewall behind a Cisco ASA. The Cisco ASA is doing PAT as there are no other IP addresses available. The third party firewall is attempting to build an IPSec tunnel to another firewall. The IPSec tunnel is not coming up. When I do a capture on the Cisco ASA firewall I see traffic hit the inside interface and leave the outside interface. I then see the reply traffic return and hit the outside interface of my Cisco ASA but it is not being allowed to pass through to the inside interface.I have enabled NAT-T on the thrid party firewall but it still does not get the reply traffic becuase it gets stopped at the Cisco ASA.
    Any thoughts?

    Is your third party FW attached directly to your ASA? If not, do you have a route to that device on your ASA?
    Please perform a packet-tracer to see why the return traffic is not reaching the third party FW..
    packet-tracer input outside udp 500 500 detail
    If the packet-tracer shows traffic going through successfully, perhaps it is your third party FW that is blocking the traffic?
    Please reply with packet-tracer results.
    Kind Regards,
    Kevin
    **Please remember to rate helpful posts as well as mark the question as 'answered' once your issue is resolved. This will help others to find your solution faster.

  • Maintain Server parameters to allow huge file size to pass through XI

    Hello SAP Gurus,
    i would like to know how can i check this Server parameters in SAP PI Configuration :
    u2022 UME Parameters : To look into the pool size and poolmax wait parameters - UME recommended parameters (like: poolmaxsize=50, poolmaxwait=60000)
    u2022 Tuning Parameters: To look/define the Message Size Limit u201Clike: EO_MSG_SIZE_LIMIT = 0000100u201D under tuning category
    u2022 ICM Parameters: To consider ICM parameters (ex: icm/conn_timeout = 900000. icm/HTTP/max_request_size_KB = 2097152)
    This is required for allowing huge file size to pass through XI.
    Regards,
    Ravi

    Hi Michael,
    I did the settings you just mentioned in the link.
    I got through the First step where the file got processed and 50000 record data got divided into on 50000 idocs.
    But when its is posting this in BW system, then the outbound  status of the message is " Message has error status on outbound side"
    And when i see BW there are no idocs in that system. Is it that the RFC connection between XI and BW had timed out and so it did not got processed at outbound side. Or there is some other setting required ?
    Also, when we tried it with 20 K file then the outbound status is also successful.
    Please let me know how to  resolve this issue .
    Regards,
    Ravi

  • Should I Install SQL Server 2008 R2 on a VHDX or Pass-through disk

    Hi,
    I am in going to be setting a virtual server running Windows Server 2008 R2 on my Hyper-V cluster and I will be also adding SQL Server 2008 R2 once the OS is configured. Can you please suggest whether I should setup a VHDX or a pass-through disk? I have
    read articles online suggesting to use a pass-through disk from my SAN but I also read that since Windows Server 2012, VHDX is as good as a pass-through disk, especially because it will allow to have snapshots taken, unlike the pass-through which will not.
    Please advise on whether I should chose a pass-through disk or a VHDX.
    Thanks in advance,

    Hi Aquila,
    There are three basic types of Virtual Hard Disks (VHDs) that you can use with VMs, such as dynamic VHD, fixed VHD, and differencing disks. Usually, the fixed VHD is almost always the best choice for virtualized SQL Server systems that run a production workload.
    You can use dynamic disks for noncritical production workloads, as well as for testing, training, and lab environments. Pass-through disks offer the highest level of performance for VM storage, however, Pass-through disks can't be moved without incurring downtime,
    and they don't support VM snapshots. For more information, see:http://sqlmag.com/sql-server/sql-server-virtualization-tips
    In addition, there is an article about how to setup boot from VHD for a SQL Server. You can review the following link.
    http://www.mssqltips.com/sqlservertip/2327/how-to-setup-boot-from-vhd-for-a-sql-server-test-or-development-environment/
    Regards,
    Sofiya Li
    Sofiya Li
    TechNet Community Support

  • Does the iPad 2 pass through TV the same way that the iPhone 4s does ?

    Does the iPad 2 pass through TV the same way that the iPhone 4s does ? I have an Arcam rCube dock which allows the tv pass through from the iPhone 4s and I was wondering if the iPad 2 will do the same if I buy a dock extender and what should I check for in a dock extender ?

    No - that feature does not exist on the iPad2 and I know of no plans - nor would anyone else here - for that feature to be added with a software update in the future.

  • Audio Pass-Through

    In the Encoder Tab of the Inspector Window, there is a pulldown menu to the right of the "Audio Settings..." Button. There are 3 choices in this pull-down menu: Enabled, Disabled, and Pass-through.
    What does the Pass-through option mean?
    My system:
    Dual G5 2.3GHz
    4.5 GB RAM
    OS 10.4.2
    FCP 5.0.2
    QT Pro 7.0.3
    Compressor 2.0.1
    massachi

    Some of the transcoders allow you to pass the audio or video through without re-compressing or modifying the original state of the encoded data. That's what "Pass-through" does.
    Thus, if your audio is already in the correct state (for example AAC) then pass-though will just take the original audio and add it (unmodified) to the output file.

  • Pass through camera, looking to buy. Suggestions?

    Hi,
    I'm looking to streamline how I make videos. I've tried using iMovie with a Canon Vixia HF200. But couldn't get the video from the card. I maxed out my RAM to 8 GB, put in a 1TB drive and still didn't work. I did the trial of FCP and while that made importing video from the card, I'm not sold on the expense of that app just yet. (Editing in it was hard as I should have spent the $$ on a 7200 RPM drive instead of a 5400.)
    The videos I'm trying to make are demos of my classical guitar performances for youtube, FB etc. The first one I did used the iSight camera with a decent mic: AKG 420. The Canon takes a nice picture but the hassle of using Handbrake and syncing audio from Garageband is just not my idea of how I can best accomplish the task for my needs. Further, the pass through allows me to have a video monitor when I'm setting the shots up by myself.
    So, valued community, would you have any suggestions for a camera that might fit the

    Hi,
    I'm looking to streamline how I make videos. I've tried using iMovie with a Canon Vixia HF200. But couldn't get the video from the card. I maxed out my RAM to 8 GB, put in a 1TB drive and still didn't work. I did the trial of FCP and while that made importing video from the card, I'm not sold on the expense of that app just yet. (Editing in it was hard as I should have spent the $$ on a 7200 RPM drive instead of a 5400.)
    The videos I'm trying to make are demos of my classical guitar performances for youtube, FB etc. The first one I did used the iSight camera with a decent mic: AKG 420. The Canon takes a nice picture but the hassle of using Handbrake and syncing audio from Garageband is just not my idea of how I can best accomplish the task for my needs. Further, the pass through allows me to have a video monitor when I'm setting the shots up by myself.
    So, valued community, would you have any suggestions for a camera that might fit the

  • PSC 10 and Pass Through Services - Override the GO button

    I have a couple of questions around the presentation of the service offer and the service form pages.
    What I am trying to demonstrate for a prospective customer is a “pass-through” service where there is no order form but a link off the central PSC catalog to another website location.  First off, if there is a correct way to do this please recommend it.  This is what I think would be the way I would like to handle it:
         1.       Set the service to be non-orderable.  This removes the “Order” and “Order on Behalf” buttons with a “Go” Button as shown here:
         2.       Next I would populate what was the HTML that describes the details of the service from the other website in the Overview from the service designer service presentation tab so that it displays in the Specification of the Offer page.
         3.       Next I would like the Go button to launch “pass-through” to the other web site.  Currently it pulls up an empty form with the service description and a “Cancel” button.  Is this possible?
         4.       Is there a way to control the layout of the content on the Offer Page and the Service Order Form pages?  For instance, if I wanted to include the “More Details” from the service designer service presentation tab, would that be possible?

    If you make the service non-orderable, but the user still has permission to see the service, he will see the service and the "Go" button.  Clicking on the "Go" button is supposed to take you to the order form, which allows the end users to see the fields he/she needs to fill in, but does not have a "Submit" button.
    I don't currently have a "Yes" answer for #3 and #4.  There might be a way to do them.  I'll look into it.

  • Compressing Data Passed Through WebService

    Hi there...
    Before I start explaining the problem, I am not an expert in webservices and weblogic.
    1- I am having a webservice that accepts lots of textual information and responds with lots of textual information as well. Is there an option in weblogic setting that allows data compression automatically? or should I implement data compression on the client and server?
    2- also it seems that the parameters passed through the webservice get alot of XML overhead information. Is there a way to reduce the amount of overhead information passed?
    Notice that SSL is being used.
    3- Finally what are possible causes that could lead to slow response from the server? I am getting about 8 to 10 second average response time from the server. I don't think it is the weblogic server simply because the development environment uses local LAN and it the response is much faster. any ideas?
    thanks

    1- I am having a webservice that accepts lots of textual information and responds with lots of textual information as well. Is there an option in weblogic setting that allows data compression automatically? or should I implement data compression on the client and server?
    Not that I know of, I think you have to resort to zipping the messages.
    2- also it seems that the parameters passed through the webservice get alot of XML overhead information. Is there a way to reduce the amount of overhead information passed?
    A way to reduce your XML overhead is to define small messages in your WSDL (and XSD).
    3- Finally what are possible causes that could lead to slow response from the server? I am getting about 8 to 10 second average response time from the server. I don't think it is the weblogic server simply because the development environment uses local LAN and it the response is much faster. any ideas?
    Network overhead. As you already mentioned in the other two question you are sending large messages. Maybe your system administrator has some monitoring tool for the network
    which can give you some insight in the matter.
    Information concerning WebLogic and Web Services can be found here: http://download.oracle.com/docs/cd/E21764_01/web.1111/e14529/web_services.htm

  • How do you disable postscript pass-through using Mac OSX 10.6

         My Phaser 4600DN prints quite slowly when printing a PDF, a 28 page documents takes nearly 7 minutes to print. On Windows 7 PC the same document takes 6 minutes to print. If I disable Postscript Pass-Through option on the driver the 28 page documents takes two minutes to print. I need to know if there is a similar option in Mac OS 10.6.8?

    andyfoster wrote:
    I need to know if there is a similar option in Mac OS 10.6.8?
    If, when printing to a Postscript printer, an app generates its own Postscript programme, it is possible for the printer driver to send it directly to the printer w/o any other modification; this is called Postscript pass-through. CUPS, the Mac OS X printing system, does allow for this option, but it is implemented in the printer driver, not the OS. So, whether or not disabling this option is available to you depends on the driver for your printer. Consult its docs or ask Xerox tech support.

  • XBox 360/Audigy: SPDIF IN pass through to SPDIF OUT not working with 5.1

    Hi,
    I've a problem passing my digital dobly signal from my 360 over the Audigy soundblaster to my external decoder. I want to use digital SPDIF IN from the audigy?IO device to pass the signal directly without processing to the external decoder by using the SPDIF OUT.
    There is only one digital in at the decoder, so I need this combination if I want my PC and XBox to be connected both without a toslink switch.
    I activated the pass through and external decoder option in the audigy console application. I also disabled the DDL encoder. Additionally I set my Windows 7 speaker settings to use SPDIF OUT as standard device.
    This is working for every dolby digital signal?from a dvd which I play on my PC, but not for the XBox signal. The signal is not recognized as a 5. dolby digital signal, but as a 2.0 signal. So something must happen with the signal in the audigy. The XBox settings are correct, because when I connect the toslink cable directly to the decoder everything works fine.
    My drivers are the newest one (3.8)?from the support pack.
    I don't want to use the DDL option, because the latency is much to high to allow regular playing!
    Is there a possibility to pass the XBox signal through to my decoder by using the digital in and out of the audigy?
    Thanks in advance,
    Axel

    Hi I have the same probleme, exept that I have succesfuly pluged my home theater receiver and the 5.1 works. Just my subwoofer seems not to work properly. Like when I plug it into a digital dvd player it works very nicely. but when pluged into the sound card it seems that it dosnt have any signal for it.
    ANy clues??? I know i pluged everything finely I have tested the sound test for each speaker and sub to, from the receiver and from the creative software the sub seems to work but very quietly even if I cran the volume up on the sub or in the software , the sub dont work as it should.
    1 thing I remarqued is that the sub works occasionaly in some movies. When listening to the music it not working and I dont understand that.

  • Protocols allowed to pass ASA

    Hi Everyone,
    Need to know how can we tell from sh run config that what protocols are allowed means ASA is not doing any inspection
    on them or we can say it is not blocking -    when traffic passes through the ASA?
    Also is there any command which we can use from CLI to check this?
    Thanks
    Mahesh

    Hi Julio,
    If sh run shows following configuration
    case1
    policy-map global_policy
    class inspection_default
      inspect icmp ***************************************
    service-policy global_policy global
    Does inspect icmp  here means that allow icmp if ping is sourced from inside of the network?
    Need to know the exact purpose of inspect command in ASA config???
    policy-map global_policy  ---  does it mean that it applies  to whole ASA  traffic ?
    service-policy global_policy global ----Purpose of this command?
    Thanks
    Mahesh

  • Web Pass-Through Does Not Redirect

    We have an issue in which when a client connects to the guest/pass-through WLAN, it does not automatically redirect to the "accept" page. Instead, it only works if you manually input an IP address into the web browser which will then bring up the "accept" page... then users can go ahead and surf the web. Does the controller forward DNS traffic in advance of a user clicking "accept"?

    I think I found part of the problem.
    We have two internal DNS servers and only one had "recursion" enabled. Even though both were in DHCP, it appears that the WLC was only allowing requests to one DNS server. (The one with recursion disabled.) For example: when connected to the guest WLAN, I was unable to run "nslookup" and resolve on both DNS servers. Only one server would respond... yet, as soon as an HTTP request is hijacked and I click the "accept" button, it allows me to run an "nslookup" against both DNS servers. I'm wondering if, for security purposes, if the controllers only allow DNS resolution requests to one IP initially until the "accept" button is clicked.

  • Sip passing through nat but rtp is not - no audio

    Sip passing through nat but rtp is not
    I'm looking at traffic leaving my router with a sniffer. I see SIP traffic but I do not see RTP traffic.  The phones ring on both sides but I do not get any audio.
    interface f0/0.100
    ip address 192.168.10.1 255.255.255.0
    ip nat outside
    ip nat pool VoIP 192.168.10.1  192.168.10.1 prefix-length 24
    ip nat inside source route-map VoIP pool VoIP overload
    ip nat inside source static tcp 10.1.1.2 49201 192.168.10.54 49201 extendable
    access-list 1 permit ip host 10.1.1.2 any
    route-map VoIP permit 10
    match ip address 1
    match interface  f0/0.100
    set interface  f0/0.100

    Hello,
    You can enable "ip nat service sip" or "ip nat service h323" and "ip nat
    service h225" commands. As per the documentation, they are enabled by
    default. In the latest IOS there is a new feature added to Cisco IOS that
    ensures that even RTP packets get translated to one of the allowed ports as
    specified by the RFC. The command to enable the feature is "ip nat service
    allow-sip-even-rtp-ports"
    http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6640/pro
    d_white_paper0900aecd80597bc7.html
    Hope this helps.
    Regards,
    NT

  • Only some of the traffic passing through inline vlan pair

    Here is my network setup
       firewall<---- >(g1/2)Coreswitch 6500 with IDSM(TG9/1)<-----> (TG9/1) Distrib switch with FWSM---------Accessswitch
    configuration in core switch
    interface GigabitEthernet1/2.11
    description **** ****
    encapsulation dot1Q 211
    ip vrf forwarding VRF11
    ip address 10.2.11.73 255.255.255.248
    ip ospf network point-to-point
    standby 1 ip 10.2.11.75
    standby 1 priority 110
    standby 1 preempt
    interface GigabitEthernet1/2.37
    description **** ****
    encapsulation dot1Q 237
    ip vrf forwarding VRF37
    ip address 10.2.37.73 255.255.255.248
    ip ospf network point-to-point
    standby 1 ip 10.2.37.75
    standby 1 priority 110
    standby 1 preempt
    interface TenGigabitEthernet9/1.11
    description ****   ****
    encapsulation dot1Q 311
    ip vrf forwarding VRF11
    ip address 10.2.11.2 255.255.255.252
    ip ospf network point-to-point
    interface TenGigabitEthernet9/1.12
    description ****   ****
    encapsulation dot1Q 312
    ip vrf forwarding VRF12
    ip address 10.2.12.2 255.255.255.252
    ip ospf network point-to-point
    configuration in Distribution switch:
    interface TenGigabitEthernet9/1.11
    description ****  ****
    encapsulation dot1Q 311
    ip vrf forwarding VRF11
    ip address 10.2.11.1 255.255.255.252
    no ip route-cache
    ip ospf network point-to-point
    interface TenGigabitEthernet9/1.37
    description ********
    encapsulation dot1Q 337
    ip vrf forwarding VRF37
    ip address 10.2.37.1 255.255.255.252
    no ip route-cache
    ip ospf network point-to-point
    i  have seggregated  n/w like this. i am using inline vlan  pair , to pass all the traffic through the IDSM module ,
    i am using the monitoring port gi0/8
    config in core switch
    intrusion-detection module 8 data-port 2 trunk allowed-vlan 211-260,311-360
    IDSM
    physical-interfaces GigabitEthernet0/8
    subinterface-type inline-vlan-pair
    subinterface 11
    description
    vlan1 211
    vlan2 311
    exit
    subinterface 37
    description
    vlan1 237
    vlan2 337
    exit
    Problem i am facing is , some of the vlan-pair traffic passing through the IDSM some of the traffic are not passing , here i have given the statistics
    MAC statistics from interface GigabitEthernet0/8
       Statistics From Subinterface 11
          Statistics From Vlan 211
             Total Packets Received On This Vlan = 0
             Total Bytes Received On This Vlan = 0
             Total Packets Transmitted On This Vlan = 0
             Total Bytes Transmitted On This Vlan = 0
          Statistics From Vlan 311
             Total Packets Received On This Vlan = 0
             Total Bytes Received On This Vlan = 0
             Total Packets Transmitted On This Vlan = 0
             Total Bytes Transmitted On This Vlan = 0
    Statistics From Subinterface 37
          Statistics From Vlan 237
             Total Packets Received On This Vlan = 3189658726
             Total Bytes Received On This Vlan = 64165872092928
             Total Packets Transmitted On This Vlan = 3549575166
             Total Bytes Transmitted On This Vlan = 64165872092928
          Statistics From Vlan 337
             Total Packets Received On This Vlan = 3549575166
             Total Bytes Received On This Vlan = 64165872092928
             Total Packets Transmitted On This Vlan = 3189658726
             Total Bytes Transmitted On This Vlan = 64165872092928
       Statistics From Subinterface 38
          Statistics From Vlan 238
             Total Packets Received On This Vlan = 2215151150
             Total Bytes Received On This Vlan = 64165872092928
             Total Packets Transmitted On This Vlan = 126546964
             Total Bytes Transmitted On This Vlan = 64165866995200
          Statistics From Vlan 338
             Total Packets Received On This Vlan = 126546964
             Total Bytes Received On This Vlan = 64165866995200
             Total Packets Transmitted On This Vlan = 2215151150
             Total Bytes Transmitted On This Vlan = 64165872092928
    Give me idea experts , so that i can resolve this issue.
    Help me thanks in advance

    I believe the issue is because of the config below:
    interface GigabitEthernet1/2.11
    description **** ****
    encapsulation dot1Q 211
    ip vrf forwarding VRF11
    ip address 10.2.11.73 255.255.255.248
    ip ospf network point-to-point
    standby 1 ip 10.2.11.75
    standby 1 priority 110
    standby 1 preempt
    encapsulation dot1Q 311
    ip vrf forwarding VRF11
    ip address 10.2.11.2 255.255.255.252
    ip ospf network point-to-point
    interface TenGigabitEthernet9/1.12
    description ****   ****
    encapsulation dot1Q 312
    ip vrf forwarding VRF12
    ip address 10.2.12.2 255.255.255.252
    ip ospf network point-to-point
    As you can see we have 2 ip subnets in the VRF 11 .73 &  .2 in vlan 211 & 311 respectively.
    The switch is doing intervlan routing directly without having to go through the IDSM for VRF 11.
    What we need to remember is IDSM does not do routing, and it can only bridge vlans.
    Hence we have to force to packet to go through the IDSM.
    Here is what we do when we use IDSM to see traffic going between vlans.:
    Normally, with vlans, and IDSM inline mode, we have one IP subnet and 2 Vlans.
    IDSM2 in inline mode necessitates an additional artificial Vlan on the  SAME subnet as the Vlan you wish to sense.
    A layer 3 switch  interface  needs to be configured within this additional artificial Vlan.
    In a nutshell, we need to create 2 Vlans that share one same ip subnet and put SVI on only one of the Vlans.
    In your case you will need one ip between vlans 211 & 311 in VRF 11 to force the data to go through the IDSM.
    I can understand if this is a bit tricky to understand.
    Please go through my design document for IDSM inline mode, which explains the basic concepts and packet walk in detail.
    It will explain why we need the above and how arp makes the mac-address table populate correct entries, (with one ip subnet for 2 vlans) so that traffic goes through the IDSM.
    https://supportforums.cisco.com/docs/DOC-12206
    - Sid

Maybe you are looking for

  • How do I get my contacts from iphone3 to my iphone4 - without icloud

    Im trying to get my contacts from my iphone 3G iOS 4.2.1 to my computer so I can then put them onto my new iphone 4. I have now autherised this computer to my iphone 3G but cant work out how to move the contacts. the ony thing I can see is the sync c

  • Just wondering whether rendering is required for unedited AVI on the Timeline?

    I just bought Premiere Elements 11.0. I was currently using Premiere Elements 3.02. In 3.02 When importing a standard AVI File to the timeline, only transitions and Titles needed rendering before exporting to DvD. However, I noticed when doing the sa

  • Talent Search-Trex- ESH_Cockpit-Error while preparing

    Hello, I am trying to configure TREX for talent search. But while trying to create the search object connector using ESH_Cockpit, I am getting the message 'Error while preparing' for all the connectors exept the connector HTRMC Person. These Connecto

  • Start vm linux Guests in single-user mode

    Hi - I have OBIEE vm template installed and everything is OK, I forgot the roor password for this guest, (ovsroot) is not working I think I've changed it. One option is to start this guest in single-user mode, I tried but you can't see the console un

  • OH  BOY!!

    I have my time capsule & i installed software. I have a wireless modem from Bell, it said(the set up booklet) connect usb to the round bolt like icon on TM to the bell modem i think. I went to System Pref's & clicked on TM i turn it on it scans for a