Hello, OK. So we have something like FW_FORWARD="0/0,123.456.78.9,tcp,1723 0/0,123.456.78.9,gre,1723 and allow appropriate connections through the firewall from the MS/VPN machine to the internal network if required. Andy On Monday 28 July 2003 13:09, Marc Samendinger wrote:
-----Original Message----- From: Andy Bennett [mailto:andy@mcrentals.demon.co.uk] Sent: Monday, July 28, 2003 2:14 PM
Hello,
Hello Andy,
When you say:-
'You can put the M$ box behind a suse firewall if you have an official IP for the box,
too. Then just
close all exept the PPTP Port and the maschine is as safe as in your currently setup it would be (if it would work ;)'
Do you mean fixed IP address for the SuSEfirewall2 box or the MS VPN box? In fact, I have fixed IP addresses for both and they are both publicly available. So, if my fixed IP address for my MS VPN machine is 123.456.78.9 then I should be able to forward packets like so,
FW_FORWARD="0/0,123.456.78.9,tcp,1723
In addition to tcp 1723 the VPN uses the protocol GRE Take a look at following MS Knowledge Base article http://support.microsoft.com/default.aspx?scid=kb;EN-US;241251
hey that one is really good IMHO ;)
*snip*
Rgds Andy
marc