[pptp-server] Running PPTP behind some firewall

Vlad Strezhnev vlast at eetc.com
Thu Apr 26 10:27:49 CDT 2001 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here is a "successfull" multi-platform setup running in our office for months 
now. (In fact since last October).

PoPToP behind ipchains (RedHat 6.2 on Sparc) with IP masquerading.
PoPToP server (RedHat 6.2 on Ruffian Alpha).

PoPToP remote Linux client (PowerPPC 2000 on Power Macintosh 7200/75)
on DSL connection behind Cisco 675 router with NAT.

This setup is used to remotely monitor the network using Netsaint.
The connection uses static virtual IP for the client and thus communication 
is two-way. We can use web server on PopTop client (by its virtual IP) to 
monitor and confgure Netsaint from the office.

Also several "road-warriors" connects to PoPToP server using laptops with 
inbuild pptp client on Windows 98&2000 as well as TunnelBuilder on Macs.

Here is link in all its beauty :-)

[10.0.0.7(PoPToP Linux client)]->
[10.0.0.1(Cisco internal interface)]->
[DSL dinamic IP (Cisco external interface assigned by Quest]->
[x.x.x.x (Our firewall external IP)]->
[192.168.1.1 (Firewall internal IP)]->
[192.168.1.38 (PoPToP server IP)]->
[192.168.1.230 (PoPToP client virtual static IP)]->
[192.168.1.203 (PoPToP server virtual IP)]

PoPToP rules! -isn't it?

On Thursday 26 April 2001 08:25, you wrote:
> It took me forever to get PPTP to work behind a firewall.  In fact, I
> ended up finding a bug with it.  It was related with IP aliasing on the
> firewall & GRE packets getting dropped.
>
> I'm using Linux 2.2.18 with IPChains as my firewall, and Linux 2.2.17 as
> my pptp server.
>
> -Rob
>
> Naresh wrote:
> > Hi
> >
> >    Has anyone configured pptpd to run behind some firewall like FW1 or
> > such. I tried with FW1 but since I NATing the gre is not supported by FW1
> > so couldn't do it. I tried a linksys box also by port forwarding the
> > ports 47 and 1723 but it doesn't work. If anyone has something please let
> > me know.
> >
> > Thanks,
> > Naresh
>
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!

- -- 
VLAD STREZHNEV
System Engineer
IndiVisual Learning, Inc.
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8

iQA/AwUBOug+e22oFIHLWbQwEQJdXwCfXPJbQzJCTJSbuivJ+dLkiuiPGc8AoIPi
WwW8MRqbf7iGC9i7BqRrz1EE
=pR0h
-----END PGP SIGNATURE-----

More information about the pptp-server mailing list