How to Enable PPTP Clients to Connect Through an ISA Firewall (283628)


The information in this article applies to:

  • Microsoft Internet Security and Acceleration Server 2000
This article was previously published under Q283628

SUMMARY

This article describes how to enable Point-to-Point Tunneling Protocol (PPTP) clients to connect through an Internet Security and Acceleration (ISA) firewall.

MORE INFORMATION

To allow internal clients to create PPTP connections to an endpoint on the public side of an ISA firewall, you have to explicitly configure the PPTP pass through in the ISA Management program.

To enable PPTP client connections through an ISA firewall, follow these steps:
  1. Start the ISA Management program, and then click Access Policy.
  2. Right-click IP Packet Filters, and then click Properties.
  3. On the General tab, click to select Enable IP Routing.
  4. On the PPTP tab, click to select the PPTP through ISA firewall box.
This enables PPTP through the ISA server, and creates a filter labeled, "SecureNAT PPTP". By doing so, PPTP sessions can be created through the firewall.

Note: You will not be able to use a PPTP connection by using either the Winsock Proxy Client, or the ISA Firewall Client. Clients will require a Gateway address to provide a network route through the ISA server for PPTP connections to be made successfully.

REFERENCES

For additional information about how to enable dial-out access for ISA, Winsock Proxy, Firewall and SecureNAT clients, click the article number below to view the article in the Microsoft Knowledge Base:

283635 Enabling Dial-Out Access ISA Winsock Proxy, Firewall, and SecureNAT Clients

Modification Type:MinorLast Reviewed:1/15/2006
Keywords:kbFirewall kbhowto KB283628
©2004 Microsoft Corporation. All rights reserved.