Dustin:
Heya. Just a quick check to see if you've told your
firewall to allow those protocol=47 packets to come through.
You got the TCP port=1723 ones for PPTP right, but there's
two pieces to it.
-Scott
> Hello,
>
> I am attempting to replace a 2.9.4 based firewall with Dachstein. The
> current firewall forwards VPN traffic to a server behind itself. I have
> setup the new server with the following entries in network.conf, but I have
> apparently missed something because I can't connect. If anyone can help, I
> would appreciate it.
>
> Thanks,
> Dustin
>
> -snip-
> # TCP services open to outside world
> # Space seperated list: srcip/mask_dstport
> #EXTERN_TCP_PORTS="216.171.153.128/25_ssh 0/0_www 0/0_1023"
> EXTERN_TCP_PORTS="0/0_vpn"
> -snip-
> # Advanced settings: parameters passed directly to portfw and autofw
> # Indexed list: "<ipmasqadm portfw options>"
> #INTERN_SERVER0="-a -P PROTO -L LADDR LPORT -R RADDR RPORT [-p PREF]"
> #INTERN_SERVER1=""
> INTERN_SERVER0="-a -P tcp -L external_ip 1723 -R vpnserverip 1723"
> -snip-
>
> I have also added the vpn service to /etc/services as:
>
> vpn 1723/tcp #vpn traffic
>
> and am running ipfwd as:
>
> /usr/sbin/ipfwd --masq vpnserverip 47 &
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
