[pptp-server] VPN under Windows NT network (Sygate)

Gord Belsey gord at amador.ca
Thu Aug 31 11:29:22 CDT 2000


If you were to follow Jerry's (good) advice, you'd use ipchains under linux
with the vpn-masq patch. You also could use the PoPToP linux box for both
the vpn and the firewall....set up ipchains, and drop it in place of the
sygate.  If you did this, you don't have to worry about the vpn-masq patch.

A note about DSL:  I run ipchains firewall and PoPToP (on the same ox) over
DSL.  It works fine (I also do it over cablemodems - no problems).  However,
I had one DSL connection (sympatico in Canada) that used PPPoE (PPP over
Ethernet).  This was a nightmare.....PPPoE for linux (about a year ago)
wasn't ready for primetime.  Seems to be better now(roaring penguin seems to
keep people happy...) but I swapped it for cablemodem access.  The point is
watch out for PPPoE with DSL, as it adds some "hoops" to setting up linux
firewalls/vpns.

Hope this is helpful

Gord Belsey

----- Original Message -----
From: Jerry Vonau <jvonau at home.com>
To: J R <jmr504 at hotmail.com>
Cc: <pptp-server at lists.schulte.org>
Sent: Wednesday, August 30, 2000 7:15 PM
Subject: Re: [pptp-server] VPN under Windows NT network (Sygate)


> Replace Sygate with the linux box and let it masq the private lan. Not to
sure
> on how to do the DSL part, but I'm sure if you ask some one will help.
>
> Jerry Vonau
>
>
>
> J R wrote:
>
> > Hello!
> >
> > At my office, we have an NT domain.  Internet comes through ADSL through
one
> > machine (gateway, 192.168.0.7).  I am using Sygate for this.
> >
> > I setup a Linux box (RH 6.2) w/ PoPToP to cheaply and quickly accomplish
a
> > VPN.  The VPN works great internally (using 192.168.0.x addressing
only).
> > However, the same machine that will connect to the linux box locally
cannot
> > if the connect is going to the Internet address (DSL).
> >
> > In sygate's apprule.cfg, I have opened port 1723.  Must I open any
others?
> > Ie. 47?  (If so, any ideas on HOW.  From what I can make of the
apprule.cfg
> > it only applies to TCP ports).
> >
> > Any other suggestions?
> >
> > Thanks.
> > Jonathan
> >
> >
_________________________________________________________________________
> > Get Your Private, Free E-mail from MSN Hotmail at
http://www.hotmail.com.
> >
> > Share information about yourself, create your own public profile at
> > http://profiles.msn.com.
> >
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > List services provided by www.schulteconsulting.com!
>
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!
>




More information about the pptp-server mailing list