Hi Andrew,
Is it possible for an MS/PPTP VPN to go through SuSEfirewall2 using IP forwarding in much the same as it is possible to forward connections through a SuSEfirewall2 machine to a machine running a web server like this:-
FW_FORWARD="0/0,192.168.1.2,tcp,80
pptp uses port 1723 to establish its connection. I did not test forwarding yet, but my experience with a client using zonealarm on a windoze to do many nasty things make me believe that a forwarding of port 1723 tcp should work. Try FW_FORWARD="0/0,192.168.1.2,tcp,1723 and have a look and the logs :-)
Or does the MS VPN machine need to be accessible from the internet, i.e. bypassing the SuSEfirewall machine altogether.
Afaik PPTP only uses port 1723, so you don't need other protocols like GRE (like IPSEC)
Any help greatly appreciated.
HTH Jörn Ott -- ------------------------------------------------------------ Jörn Ott Telefon: (0 22 24) 94 08 - 73 EDV Service & Beratung Telefax: (0 22 24) 94 08 -74 Lohfelder Str. 33 E-Mail: mailto:white@ott-service.de 53604 Bad Honnef WWW: http://www.ott-service.de/