Jim, Yes, you are correct in your assumptions. That is the setup and yes other people can connect successfully. I can connect successfully if I put a PC outside my firewall.
I followed your advice and initially it worked for a few hours. I had to specifically open up the lan to connect to port 1723 on the target server. I.E. ACCEPT LAN 192.168.1.1 WAN:<VPN Server>:1723. I also opened GRE protocol. After about 6 hours however, the VPN suddenly died and I found that although I could ping the net and get DNS, I could not get HTTP, FTP or Mail access to the net or even the firewall from 192.168.1.1 (The firewall is 1.3). After several hours of fiddling, I found that if I changed the IP from 192.168.1.1 to another adress in the same subnet, I was OK. I then changed back to 192.168.1.1 and deleted the rule regarding Port 1723 and got HTTP, FTP and Mail access back. Currently I'm a bit stumped as to what is causing the problem. Regards Mark Florin, Does the advice you gave me apply to the situation as described below. If not, my apologies for not making myself clear. Mark > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Jim > Sent: 17 March 2005 13:28 > To: [email protected] > Subject: RE: [Security Firewall] Simple VPN question > > Am I correct in assuming that this is your diagram? > > > LAN --- FW --- WAN -------------- EXPOSED SERVER ( > somewhere on the net) > > > I say "exposed server" but I mean either exposed or they've > opened up the proper ports for VPN access and you aren't the > first one trying to establish access. > > What is your policy regarding LAN to WAN traffic? If you > have the default DROP ALL then you will need to open ports > 1723 and allow the GRE protocol to pass through the WAN > interface from the LAN side. > > Slainte, > > Jim > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf > Of Mark Tiller > Sent: Wednesday, March 16, 2005 6:50 PM > To: [email protected] > Subject: [Security Firewall] Simple VPN question > > > Hi All, > > Firstly, Florin welcome back!! > > I am using MNF 1. I am trying to get a Windows VPN > connection happening to a remote server from an XP client > behind my firewall. Anything special I have to do in MNF? > I've already opened high ports for the XP box on the firewall. > > Cheers > > Mark > > > > > > >
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
