[pptp-server] PPTP VPN box outside of the Firewall

Kelly Black kelly.black at btree.com
Fri Oct 13 15:14:42 CDT 2000


If the VPN eth1 points to the Firewall's trusted interface on the DMZ,
would the traffic need to be encrypted?  Would a simple route to the
interface on the Firewall's trusted interface be ok?

Kelly Black
Systems Administrator
TestQuest, Inc.

Andy Worthington wrote:
> 
> If you setup poptop on a machine outside of your firewall there needs to be
> a secure way for the connections to be routed to the internal net.  One
> solution that would probably work would be to setup ipsec (freeswan on
> linux) between the poptop box and the firewall so once people connected to
> the poptop box they would travel down the ipsec tunnel to the internal
> network.
> 
> Andy Worthington
> rockcity.com
> 
> ----- Original Message -----
> From: "Kelly Black" <kelly.black at btree.com>
> Cc: <pptp-server at lists.schulte.org>
> Sent: Friday, October 13, 2000 2:48 PM
> Subject: Re: [pptp-server] PPTP VPN box outside of the Firewall
> 
> > I have read all I could find to date, but have not found any reference
> > to what I am trying to do.
> > Lots of parallel paths (setting up VPN box as firewall), or VPN inside
> > the company firewall,
> > but nothing about VPN outside the firewall.
> >
> > Kelly Black
> > Systems Administrator
> > TestQuest, Inc.
> >
> >
> > Adam Lang wrote:
> > >
> > > For the most part, all documentation is either at, or linked to, at
> > > poptop.lineo.com
> > >
> > > Adam Lang
> > > Systems Engineer
> > > Rutgers Casualty Insurance Company
> > > ----- Original Message -----
> > > From: "Kelly Black" <kelly.black at btree.com>
> > > To: <pptp-server at lists.schulte.org>
> > > Sent: Friday, October 13, 2000 3:25 PM
> > > Subject: [pptp-server] PPTP VPN box outside of the Firewall
> > >
> > > > Can anybody point me to any good documentation about setting up PoPToP
> > > > on a box outside of the companies firewall?
> > > >
> > > >    Internet                                      Internet
> > > >       |(Routeable)                                  |(eth0 Routeable)
> > > >     __|__                                         __|__
> > > >    |     |                DMZ                    |     |
> > > >    |Fire |---------------------------------------| VPN |
> > > >    |_____| (Routeable)           (eth1 Routeable)|_____|
> > > >       |
> > > >       | (internal non routeable)
> > > >       |
> > > >       |
> > > > ----------------(internal non-routeable network )-------------------
> > > >
> > > > Thanks,
> > > > Kelly Black
> > > > Systems Administrator
> > > > TestQuest, Inc.
> > > > _______________________________________________
> > > > pptp-server maillist  -  pptp-server at lists.schulte.org
> > > > http://lists.schulte.org/mailman/listinfo/pptp-server
> > > > List services provided by www.schulteconsulting.com!
> > >
> > > _______________________________________________
> > > pptp-server maillist  -  pptp-server at lists.schulte.org
> > > http://lists.schulte.org/mailman/listinfo/pptp-server
> > > List services provided by www.schulteconsulting.com!
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > List services provided by www.schulteconsulting.com!



More information about the pptp-server mailing list