Make sure the PPTP Application Layer Gateway (ALG) is turned on for the firewall.
I'm assuming this function is on the Netscreen 25 in a similar way to the SSG series that I am used to. In the SSG this is found under the security tab.
Basically PPTP and other applications like this use random ports that get negociated during the connection. The firewall has to be aware of the application to allow the traffic. When you enable the PPTP ALG this is done and the connections can proceed.
Steve Puluka BSEET Juniper Ambassador Senior Network Engineer - UPMC Pittsburgh, PA JNCIA-ER JNCIA-EX JNCIS-SEC JNCIP-SEC JNCIS-FWV JNCIS-SSL MCP - Managing Server 2003 MCP - Windows XP Professional MCTS Windows 7 http://puluka.com/home