Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
Re: [suse-security] SuSEfirewall2 &amp; MS/VPN
  • From: "Jörn Ott" <suse-security@xxxxxxxxxxxxxx>
  • Date: Fri, 25 Jul 2003 17:52:33 +0200 (CEST)
  • Message-id: <49456.192.168.200.3.1059148353.squirrel@xxxxxxxxxxxxxxxxxxxxxxxxx>
Hi Andrew,

> Is it possible for an MS/PPTP VPN to go through SuSEfirewall2 using IP
> forwarding in much the same as it is possible to forward connections
> through a SuSEfirewall2 machine to a machine running a web server like
> this:-
>
> FW_FORWARD="0/0,192.168.1.2,tcp,80

pptp uses port 1723 to establish its connection. I did not test forwarding
yet, but my experience with a client using zonealarm on a windoze to do
many nasty things make me believe that a forwarding of port 1723 tcp
should work.
Try FW_FORWARD="0/0,192.168.1.2,tcp,1723
and have a look and the logs :-)

>
> Or does the MS VPN machine need to be accessible from the internet, i.e.
> bypassing the SuSEfirewall machine altogether.

Afaik PPTP only uses port 1723, so you don't need other protocols like GRE
(like IPSEC)

>
> Any help greatly appreciated.

HTH
Jörn Ott

--
------------------------------------------------------------
Jörn Ott Telefon: (0 22 24) 94 08 - 73
EDV Service & Beratung Telefax: (0 22 24) 94 08 -74
Lohfelder Str. 33 E-Mail: mailto:white@xxxxxxxxxxxxxx
53604 Bad Honnef WWW: http://www.ott-service.de/




< Previous Next >
References