http://www.isi.edu/in-notes/iana/assignments/protocol-numbers
http://www.isi.edu/in-notes/iana/assignments/port-numbers
http://www.cis.ohio-state.edu/htbin/rfc/rfc2637.html
According to RFC 2637
quote
1.4. Message Format and Protocol Extensibility
PPTP defines a set of messages sent as TCP data on the control
connection between a PNS and a given PAC. The TCP session for the
control connection is established by initiating a TCP connection to
port 1723 [6]. The source port is assigned to any unused port number.
unquote
So you should see in your logs if there's any activity on port 1723 to see
if there's an attempt to set up a PPTP tunnel. Once set up, the PPTP is
encapsulated in GRE. So you probably need to add the protocol type for
GRE, type 47.
That's my story and I'm sticking to it :)
Jaime
Jaime M. Rita, CISSP, CCNA - Manager
Applications and IP Services Group, GCOE Solutions Design Team
CA/SP Global Delivery & Solutions, Cisco Systems, Inc.
Page: 800-365-4578 / Cell: 850-572-5346 / eFax: 734-423-0553
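
Added example, not part of the original message: one way to run the log check described above, correlating PPTP control connections (TCP port 1723) with GRE (protocol 47) between the same pair of hosts. The key=value log format, the field names and the sample lines are constructed for illustration and are not any particular firewall's format.

```python
import re
from collections import defaultdict

GRE_PROTO = "47"         # IP protocol number for GRE
TCP_PROTO = "6"          # IP protocol number for TCP
PPTP_CTRL_PORT = "1723"  # PPTP control connection port (RFC 2637)

# Constructed sample lines in a hypothetical key=value firewall log format.
SAMPLE_LOG = """\
action=permit proto=6 src=192.0.2.10 sport=40112 dst=198.51.100.5 dport=1723
action=deny proto=47 src=192.0.2.10 dst=198.51.100.5
action=permit proto=6 src=192.0.2.22 sport=51500 dst=198.51.100.5 dport=1723
action=permit proto=47 src=192.0.2.22 dst=198.51.100.5
action=permit proto=47 src=198.51.100.5 dst=192.0.2.22
action=permit proto=6 src=192.0.2.30 sport=33000 dst=203.0.113.9 dport=443
action=deny proto=47 src=192.0.2.44 dst=203.0.113.9
"""
FIELD = re.compile(r"(\w+)=(\S+)")

def pptp_activity(log_text):
    """Collect firewall actions seen for TCP/1723 and GRE, per host pair."""
    pairs = defaultdict(lambda: {"control": set(), "gre": set()})
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        if not {"action", "proto", "src", "dst"} <= set(f):
            continue  # not in the assumed format
        key = tuple(sorted((f["src"], f["dst"])))  # direction-independent
        if f["proto"] == TCP_PROTO and f.get("dport") == PPTP_CTRL_PORT:
            pairs[key]["control"].add(f["action"])
        elif f["proto"] == GRE_PROTO:
            pairs[key]["gre"].add(f["action"])
    return pairs

def classify(log_text):
    """Label each host pair by what the log shows about PPTP and GRE."""
    result = {}
    for pair, seen in pptp_activity(log_text).items():
        if "permit" in seen["control"] and "permit" in seen["gre"]:
            verdict = "control-and-gre-permitted"
        elif "permit" in seen["control"]:
            verdict = "control-only-gre-blocked-or-absent"
        elif seen["control"]:
            verdict = "control-attempt-denied"
        else:
            verdict = "gre-without-pptp-control"
        result[pair] = verdict
    return result

if __name__ == "__main__":
    print(classify(SAMPLE_LOG))
```

A pair labelled control-only-gre-blocked-or-absent is the case the message points at: the control connection on 1723 got through, but no rule permits protocol 47.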