Hi Gregiore, Gregoire Hostettler wrote: > Thank you, Brendan, > > This is a good starting point. > > But will this package implement GRE (port 47) ? Just because I need to > install the Linmux box as a firewall. > In fact it is already a fw. What I need is just to make VPN encapsulated > packets to go through the firewall to the VPN server which is located > in the inside LAN.
If all you want to do is forward PPTP packets to an internal (public IP) PPTP VPN server that's easy. Under kernel 2.4: # For the initial PPTP authentication iptables -A INPUT -p TCP -s <your VPN server> --dport 1723 -j ACCEPT iptables -A INPUT -p TCP -d <your VPN server> --sport 1723 -j ACCEPT # Then for forwarding GRE iptables -A INPUT -p 47 -s <your VPN server> -j ACCEPT iptables -A INPUT -p 47 -d <your VPN server> -j ACCEPT If you want to masquerade PPTP packets to an internal (private IP) PPTP server then read this howto: http://www.linuxdoc.org/HOWTO/VPN-Masquerade-HOWTO.html However, this only covers kernels 2.0 and 2.2. I haven't tried doing this under 2.4 yet. > > And do I need samba ? I want to keep my Debian fw with as few daemons as > possible, as you can guess ;-) > You only need Samba if you want to provide Windows file and printer sharing on the firewall itself. PPTP does not require Samba. > Anyway THANK YOU for your help ! No problems. Hope this helps! Brendan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
