[pptp-server] PPTP client connection trough masqueraded firewall

Scott Venier scott.venier at compaq.com
Wed May 30 14:35:56 CDT 2001 

FW-1 probably only supports 1 concurrent connection behind it.  it's not
smart enough to figure out based on call id which machine should get the
GRE packets.  See if there's an update.  if not, get a box to route.

Scott

On Wed, 30 May 2001, Kurt Glazemakers wrote:

> 
> I'm sorry, the image totally screwed up by sending it, maybe this will
> be more clear
> 
>   	Linux	PPTP server
> 		  |
> 		  |
> 		 ...
> 	     Internet
> 		 ...
> 		  |
> 		  |
> 	   213.2.45.6
>             FW-1
> 	   192.168.1.254/24
> 		  |
> 	  -------------
>         |            |
>       PC-A		 PC-B
>   192.168.1.1/24	192.168.1.2/24
> 
> Yep, the internet address of the firewall is fixed, and yep PC-A or PC-B
> is able to connect. Only both PPTP connections togheter don't work.
> 
> I could make one connection and route it, but then I need an extra
> machine, because PC-A and PC-B are laptop pc's. If possible I would like
> to avoid it.
> 
> 
> -----Original Message-----
> From: Justin Kreger [mailto:lists at earthling.2y.net]
> Sent: woensdag 30 mei 2001 19:25
> To: Kurt Glazemakers
> Cc: pptp-server at lists.schulte.org
> Subject: Re: [pptp-server] PPTP client connection trough masqueraded
> firewall
> 
> 
> Your diagram is.... umm... not clear..   Dose the internet side of your
> firewall have a static ip?  Is it acceptable to have one connect to the
> pptp server, and route between the two networks? 
> 
> Justin Kreger, MCP MCSE CCNA
> jkreger at earthling.2y.net jwkreger at uncg.edu jkreger at aristotle.wss.net
> 
> 
> On Wed, 30 May 2001, Kurt Glazemakers wrote:
> 
> > 
> > This is the setup I wanted to use:
> > 	Machine A		  Checkpoint  FW-1
> >    192.168.1.1/24=======|  |-----------|
> > |-------------------|	
> > 				|==|		   |========....
> > INTERNET  ....======| Linux PPTP server |
> > 	Machine B		|  |		   |
> > |			    |
> >    192.168.1.2/24=======|  |-----------|
> > |-------------------|
> >    			192.168.1.254/24     213.2.45.6
> > 
> > Machine A and machine B needs to connect to the PPTP server and are
> > using 2 different accounts.
> > 
> > My question is: Is it possible to do this, can the PPTP protocol be
> > masqueraded ? The TCP port 1723 will be offcourse no problem, but what
> > about the GRE. Because 1 connection works, but a second fails ...
> > 
> > Thanks,
> > 
> > Kurt 
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > List services provided by www.schulteconsulting.com!
> > 
> 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!
>

More information about the pptp-server mailing list