[pptp-server] Can Listen IP be on one iface and LAN be on ano ther
Cowles, Steve
Steve at SteveCowles.com
Tue Jan 23 23:40:34 CST 2001
> -----Original Message-----
> From: Greg Kopp [mailto:gkopp at gregkopp.com]
> Sent: Tuesday, January 23, 2001 1:13 PM
> To: pptp-server at lists.schulte.org
> Subject: [pptp-server] Can Listen IP be on one iface and LAN be on
> another
>
>
> Can I install two ethernet cards in a PoPToP server, one
> connected to the internet (eth1) listening for connections,
> and the other connected to my LAN (eth0). So that when a
> connection is established on eth1, it is establishing a VPN
> to eth0?
>
The configuration you described (two Ethernet cards) is very common. So, the
answer to your question is... YES. The key to your success will be proper
ipchain rules.
If your not very strong with entering ipchain rules, I would suggest that
you download and install "seawall" at http://seawall.sourceforge.net The
nice thing about seawall is that you edit a very well documented
configuration file that describes your network architecture. Then based on a
single configuration file, seawall will issue the appropriate ipchain
commands. In fact, seawall's configuration file specifically addresses PPTP
servers (even PopTop), PPTP clients behind a linux based firewall along with
IPSEC.
FWIW: I use seawall on my linux based firewall.
Steve Cowles
More information about the pptp-server
mailing list