I have a PIX 525e that is my company's firewall and VPN (for remote site connectivity). Today, I configured it to do PPTP for some of our employees, hoping to get away from the MS PPTP server. I noticed today while testing the configuration that I could not get to the Internet when using PPTP. Now, I know I can configure it to do "split tunneling"; however, I do not wish to do split tunneling (long story, not my choice).
I read a post from some newsgroup that the PIX will not allow you to route out the same interface the encrypted packet came in on. In other words, the "outside" interface is the PPTP tunnel endpoint and I cannot route (the client using PPTP) the packet out into the Internet (also the outside interface). I can only use it to connect to internal PCs.
Is this true? Is there any workaround? If I used a router for PPTP, could I get around this?
P.S. I know PPTP sucks (that also is not my choice).