[pptp-server] Tunneling to reach public IP address?
Chuck Flink
cwf at att.net
Fri Feb 4 16:45:50 CST 2000
See my page:
http://www.infosecana.com/dumb_pptp_testing_tricks.htm
In there is an example of the way the route table "pushes down"
when you have the "use remote gateway" checked.
Using the pure vanilla DUN interface to dial PPTP (e.g. as is
in Win98se used in the example above), your options for handling
the route table is limited to the check box for "use remote gateway".
If you want to implement more complex routing rules by changing
the route table one way upon completion of the tunnel connection,
then undoing that when the tunnel comes down, you should get hold
of the "Connection Manager"
http://www.microsoft.com/TechNet/IEAK/technote/deploygd/APPD.asp
This is a wizard that builds connection scripts that include automatic
running of programs at various points of the process between start
and finish of a tunnel session. E.g. it lets you build a connectoid that
will first dial via a modem to an ISP (using one name and password)
and then "dial" via a PPTP virtual modem to a PPTP (using another
authentication pair) and then launch a specific set of programs....
all by clicking one shortcut on your desktop.
It is used by WorldNet to implement their "Global Roaming" service
for their business dial customers..... (some of the WorldNet security
is dependent on dialing into a WorldNet modem pool and being
assigned a 12.*.*.* address. If you're out of the country and want
to get back to your WorldNet resources, you install their Global
Roaming connectoid and it calls a local ISP in whatever country
you're in and then PPTP tunnels to a WorldNet PoP.... assigning
you, upon proper authentication, a 12.<something> address as if
you had dialed in to one of their PoPs directly. Ain't VPNs great?!
- Chuck Flink
----- Original Message -----
From: "Sergio Dominguez" <sergio at omnitracs.com.mx>
To: "Jack Coats" <jack at coats.org>
Cc: <pptp-server at lists.schulte.org>
Sent: Friday, February 04, 2000 1:25 PM
Subject: Re: [pptp-server] Tunneling to reach public IP address?
>
> Hello:
>
> I used the button "Use default gateway on remote network" on the
> VPN connection properties. Good thing about this is that VPN clients
> DO reach my whole network because the VPN link is the default gateway.
>
> Bad thing about it, is that, if the VPN client wants to BROWSE the
Internet,
> or even do some DNS query, all the traffic will go trough the VPN link and
> then trough my corporate Internet link.
>
> The Networks file idea sounds great but I am clueless about it.
> ( the main goal here is telling my VPN client a couple of static routes:
> "send all the data going to the corporate networks (public)a.b.c.0 and
> (private)10.0.0.0 trough the VPN link, send anything else trough your ISP" ).
>
> Can you guys give me some clue?
> ( Yes I'm a newbie, I accept it! :( )
>
> Thanks in advance gents.
>
> Jack Coats wrote:
>
> > Just a guess... let us know if it works ...
> >
> > If I get this right you probably want to turn off the button that makes
> > the PPTP link your default gateway. ... To do all of what you want,
> > you may need to set up a NETWORKS file to send all traffic for 10.x.x.x
> > to the VPN and everything else out via the general gateway (via another
> > link).
> >
> > Does that sound right to everyone else?
> >
> > ... Jack
> > ----- Original Message -----
> > From: Sergio Dominguez <sergio at omnitracs.com.mx>
> > To: <pptp-server at lists.schulte.org>
> > Sent: Wednesday, February 02, 2000 2:29 PM
> > Subject: [pptp-server] Tunneling to reach public IP address?
> >
> > >
> > > Hello people:
> > >
> > > Given the following escenario,
> > >
> > > BIGSERVER has a 10.0.0.0 address and a valid public internet IP address
> > > VPN PoPTop has a 172.23.1.0 address and a valid public internet IP
> > > address.
> > > The firewall restricts any access to BIGSERVER directly.
> > >
> > > Is it posible to configure PoPToP so it can redirect access from
> > > workstations ... to BIGSERVER.company.com?
> > >....
>
>
> _______________________________________________
> pptp-server maillist - pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulte.org!
>
>
More information about the pptp-server
mailing list