Then you need to load the ip_masq_pptp.o (kernel 2.2) for client behind LEAF to work. Huy ----- Original Message ----- From: "Matthew Schneider" <[EMAIL PROTECTED]> To: "'Lynn Avants'" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, January 06, 2004 10:43 PM Subject: RE: [important] Re: [leaf-user] Inside Client PPTP Connection With FreeS/WAN Site-To-Site Connection
> Hi, > > Sorry, my first post might have been a little misleading. The Pix is not > behind one of the Leaf boxes. It is at my job. The firewalls are located at > my house and another family member's house. The only thing that is behind > the firewall is my Windows 2000 client machine. Would the port forwarding > still apply to this situation? > > Matthew > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Lynn Avants > Sent: Monday, January 05, 2004 11:09 PM > To: [EMAIL PROTECTED] > Subject: [important] Re: [leaf-user] Inside Client PPTP Connection With > FreeS/WAN Site-To-Site Connection > > > On Monday 05 January 2004 09:18 pm, Matthew Schneider wrote: > > Hi, > > > > I am currently have 2 sites with a Leaf 2.2.19-3 Firewall at each site. I > > am using FreeS/Wan to create a site-to-site vpn between the two firewalls. > > This setup has been working fine for a while. I have run into a situation > > where I need to use the Microsoft VPN client to make a PPTP connection to > a > > Pix firewall at work from a machine on the inside of one of the firewalls. > > Currently, the connection to the Pix fails behind the firewall. Is it > > possible to make the PPTP connection to the pix and still keep the > > site-to-site VPN. If so, what configurations changes would I need to make > > on the firewall? > > Ipsec and PPTP are entirely different VPN protocols and this is not a > problem > to co-exist. You need to port forward the PPTP service through the firewall > to > the ip address of the PIX box. (GRE protocol, load the ip_masq_pptp module, > and the corresponding ports ...that I don't remember off the top of my > head). > -- > ~Lynn Avants > Linux Embedded Appliance Firewall Developer > http://leaf.sourceforge.net > http://guitarlynn.homelinux.org:81 > > > ------------------------------------------------------- > This SF.net email is sponsored by: IBM Linux Tutorials. > Become an expert in LINUX or just sharpen your skills. Sign up for IBM's > Free Linux Tutorials. Learn everything from the bash shell to sys admin. > Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click > ------------------------------------------------------------------------ > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > > > > > ------------------------------------------------------- > This SF.net email is sponsored by: IBM Linux Tutorials. > Become an expert in LINUX or just sharpen your skills. Sign up for IBM's > Free Linux Tutorials. Learn everything from the bash shell to sys admin. > Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click > ------------------------------------------------------------------------ > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
