I believe there is no special GRE proxy for PPTP (unlike IPSEC), so when GRE protocol coming back to your firewall, there is no state for ipfilter to know which inside host should recieve it. So you can only have one PPTP node inside your firewall for each external IP you have on the Firewall.
----- Original Message ----- From: "Nathan Whitehouse" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, May 29, 2003 3:45 PM Subject: PPTP Issues > Hi everyone. > I have PPTP being passed in from the internet thought my ipf firewall to > my MS vpn server and it works no problem > Not I have a user who needs to vpn to another site from behind my > firewall and it gets as far as verifying user and password but hangs. > Now I changed my ipfilter rule that allowed the inbound gre and pptp > port 1723 to allow ant connection. > All I can think of is that when it is coming back to the external IP of > the firewall to be routed to the used the rdr rules for my pptp server > are taking it. > Any suggestions? > > Nathan Whitehouse > Network Operations & Systems Administrator > CompEndium Services Inc. > www.compendiumusa.net > Main - 1-877-709-2667 > Direct - 770-822-6697 > Fax - 1-877-710-2667 > >
