Problem with Sunscreen firewall and PPTP VPNs

From: Torbjørn Kristoffersen (sgt@plexcom.no)
Date: Fri Feb 07 2003 - 09:02:19 EST


Hi

I hope there are some Sunscreen users on this list. I have
a Sunscreen firewall, and a Win2k machine on the inside that's
set up to be a PPTP server.

All the PPTP clients will be on the outside, but for some reason
it doesn't work. I opened for port 1723 (TCP), and the Sunscreen
service "ip tunnel" and "ip mobile". The clients got an error*
so I opened the firewall even further and allowed "ip all".

What's really weird is that I can't see any of their traffic in
tcpdump. However, if someone connects to port 1723 directly (for
testing purposes), I can see them.

Has this something to do with GRE (IP proto 47)? I thought "ip all"
would open for that kind of traffic.

Anyone encountered this kind of problem before? We also have a LAN,
connected to our DMZ through the Sunscreen firewall. All of the LAN
computers are able to connect to the PPTP server, even if the traffic
goes through the firewall.

If someone would send me their Sunscreen configuration to make this
work, I'd be thankful. Maybe there's something I missed.

Thanks in advance
Torbjørn Kristoffersen <sgt@plexcom.no>