Re: GRE, VPN and suchlike
It was sooooo simple !
Just use [iptables] ipchains to setup the rules and we have a nice
THANKS a lot, everything works perfectly now !
> Hi Gregiore,
> Gregoire Hostettler wrote:
> > Thank you, Brendan,
> > This is a good starting point.
> > But will this package implement GRE (port 47) ? Just because I need to
> > install the Linmux box as a firewall.
> > In fact it is already a fw. What I need is just to make VPN encapsulated
> > packets to go through the firewall to the VPN server which is located
> > in the inside LAN.
> If all you want to do is forward PPTP packets to an internal (public IP)
> PPTP VPN server that's easy. Under kernel 2.4:
> # For the initial PPTP authentication
> iptables -A INPUT -p TCP -s <your VPN server> --dport 1723 -j ACCEPT
> iptables -A INPUT -p TCP -d <your VPN server> --sport 1723 -j ACCEPT
> # Then for forwarding GRE
> iptables -A INPUT -p 47 -s <your VPN server> -j ACCEPT
> iptables -A INPUT -p 47 -d <your VPN server> -j ACCEPT
> If you want to masquerade PPTP packets to an internal (private IP) PPTP
> server then read this howto:
> However, this only covers kernels 2.0 and 2.2. I haven't tried doing
> this under 2.4 yet.
> > And do I need samba ? I want to keep my Debian fw with as few daemons as
> > possible, as you can guess ;-)
> You only need Samba if you want to provide Windows file and printer
> sharing on the firewall itself. PPTP does not require Samba.
> > Anyway THANK YOU for your help !
> No problems. Hope this helps!
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact email@example.com