Anil Garg wrote: > In my pass-through for PPTP and IPSEC, I had a rule that allowed > any...all..any for only TCP IP protocol. > I have now changed that to any protocol all the way to the end any..... > Is this ok on the VPN interfaces like PPTP and IPSEC?
adding rules which permit any-any, even if it's all kinds of icmp is a bad idea. if you don't know why, you need to read a good book on firewalls etc. here's a good start. http://preview.tinyurl.com/26fm8z I don't want to be rude, in the main, pfsense is a product for people who understand internet security at least in some detail. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
