[windows2000] VPN over Firewall

  • From: "Eduardo Freitas" <eduardofreitas@xxxxxxxxxxxx>
  • To: <windows2000@xxxxxxxxxxxxx>
  • Date: Tue, 5 Aug 2003 11:25:23 -0300

Hi there guys,

I'm having a problem setting up a PPTP VPN inside my network so users can
use it through the Internet. I tested the VPN locally and it seems to
work fine. To get it to work through the Linux firewall (ipchains), I
first used rinetd to redirect connections from port 1723 (PPTP) to
the same port on the internal server. That got me kind of connecting to
the server, but it got stuck after "verifying username/password". I read
a little bit more on the internet and found out that it uses GRE
(protocol 47) for the real connection per se (sending the tunneled
packets). Then I set:

ipchains -I forward -p 47 -s INTERNAL_NET_IP -d SERVERIP -j MASQ

To forward those packets to the real server.
As you can see from that line, I'm testing it internally, so the source is
the internal network and the destination is the internal server IP. Hope
you guys can help me out...

I forgot a detail...
I tcpdumped the connection and it seems the firewall is not forwarding
GRE packets to the VPN server... Any clues?

Thanks,
Eduardo Freitas

10:53:13.554355 192.168.0.50 > 192.168.0.1: gre-proto-0x880B (gre encap)
10:53:13.554416 192.168.0.1 > 192.168.0.50: icmp: 192.168.0.1 protocol 47 unreachable [tos 0xc0]
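
Added example, not part of the original message: a small Python check over tcpdump text that pairs each GRE packet with an ICMP "protocol 47 unreachable" reply, which is the sign that the answering host took the GRE packet for itself and had no handler for it instead of passing it on. The function names are hypothetical, and the TCP 1723 line in the sample is constructed for contrast; the other two lines are the ones from the post.

```python
import re

# Sample trace: the two packets from the post (wrapped ICMP line rejoined)
# plus one CONSTRUCTED TCP 1723 control-channel line for contrast.
SAMPLE = """\
10:53:13.100000 192.168.0.50.1045 > 192.168.0.1.1723: P 1:157(156) ack 1 win 17520
10:53:13.554355 192.168.0.50 > 192.168.0.1: gre-proto-0x880B (gre encap)
10:53:13.554416 192.168.0.1 > 192.168.0.50: icmp: 192.168.0.1 protocol 47 unreachable [tos 0xc0]
"""

# "<timestamp> <src> > <dst>: <summary>"
LINE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) > (?P<dst>\S+): (?P<rest>.*)$")
UNREACH = re.compile(r"^icmp: (?P<host>\S+) protocol (?P<proto>\d+) unreachable")


def find_rejected_gre(trace):
    """Return (gre_sender, rejecting_host) pairs where a GRE packet was
    answered with ICMP protocol-unreachable for IP protocol 47."""
    gre_flows = set()  # (src, dst) pairs seen carrying GRE
    rejected = []
    for raw in trace.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        src, dst, rest = m["src"], m["dst"], m["rest"]
        if rest.startswith("gre"):
            gre_flows.add((src, dst))
            continue
        u = UNREACH.match(rest)
        # The ICMP error travels back from the GRE destination to the sender.
        if u and u["proto"] == "47" and (dst, src) in gre_flows:
            rejected.append((dst, u["host"]))
    return rejected


def control_channel_seen(trace):
    """True if any packet targets TCP port 1723 (tcpdump prints host.port)."""
    return any(re.search(r" > \S+\.1723: ", line) for line in trace.splitlines())


if __name__ == "__main__":
    print("PPTP control channel (TCP 1723) seen:", control_channel_seen(SAMPLE))
    for sender, host in find_rejected_gre(SAMPLE):
        print(f"GRE from {sender} rejected by {host}: handled locally, not forwarded")
```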
