The software install is no big deal. In my OPINION, it is also a little more secure than MS's implementation.

The following is from the FW1 FAQ at www.phoneboy.com:

PPTP

Q: How can I make FireWall-1 work with PPTP?

A: You must add a rule permitting access between your PPTP clients and server. PPTP uses two services:

- TCP port 1723 for a control session
- A variation of the GRE protocol (IP Protocol 47) for data.

(Note: ip_p = 47 identifies the IP protocol type as GRE. [22:2,b] = 0x880B identifies the payload protocol as GRE.)

The rules look like this:

| Source | Destination | Service | Action |
| PPTP-Clients | PPTP-Server | PPTP-Control PPTP-Data | Accept |
| PPTP-Server | PPTP-Clients | PPTP-Control PPTP-Data | Accept |

PPTP will work with Static NAT, but not HIDE NAT.

http://www.sunbelt-software.com/ntsysadmin_list_charter.htm

-----Original Message-----
From: Shannon Speck [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 06, 2001 1:44 PM
To: NT System Admin Issues
Subject: RE: Provide 56K dial-up

Could I by chance get a little more info on how to make it work? I have read many posts on this and basically everyone says "Well if it works it works and if it doesn't it doesn't". Kind of funny actually. I have been hammering on this thing for quite a while now and would love to resolve it. I do not want to use their client because of the software install. MS VPN is already there.

Thanks,
Shannon

-----Original Message-----
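
An added example, not part of the original thread or the phoneboy.com FAQ: the two service matches the FAQ describes (TCP port 1723, and ip_p = 47 with 0x880B at [22:2,b]) written as a Python classifier over raw IPv4 packets. It assumes the [22:2,b] offset is counted from the start of the IP header, and it goes slightly beyond the FAQ by locating the GRE header from the actual IP header length, so a packet carrying IP options is still classified; the function names and sample packets are constructed for illustration.

```python
import struct

IPPROTO_TCP, IPPROTO_GRE = 6, 47   # ip_p values
PPTP_CONTROL_PORT = 1723           # TCP control session, per the FAQ
PPTP_GRE_PROTO = 0x880B            # value the FAQ tests at [22:2,b]

def classify(pkt: bytes) -> str:
    """Map a raw IPv4 packet to 'PPTP-Control', 'PPTP-Data' or 'other'."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return "other"
    ihl = (pkt[0] & 0x0F) * 4                      # real IP header length
    frag_offset = struct.unpack_from("!H", pkt, 6)[0] & 0x1FFF
    if ihl < 20 or len(pkt) < ihl + 4 or frag_offset:
        return "other"                             # truncated or non-first fragment
    if pkt[9] == IPPROTO_TCP:
        dport = struct.unpack_from("!H", pkt, ihl + 2)[0]
        # Match the destination port only; replies are left to state tracking.
        return "PPTP-Control" if dport == PPTP_CONTROL_PORT else "other"
    if pkt[9] == IPPROTO_GRE:
        gre_proto = struct.unpack_from("!H", pkt, ihl + 2)[0]
        return "PPTP-Data" if gre_proto == PPTP_GRE_PROTO else "other"
    return "other"

def fixed_offset_match(pkt: bytes) -> bool:
    """Literal form of the FAQ note: ip_p = 47 and [22:2,b] = 0x880B."""
    # Assumption: the offset 22 is counted from the start of the IP header.
    return (len(pkt) >= 24 and pkt[9] == IPPROTO_GRE
            and struct.unpack_from("!H", pkt, 22)[0] == PPTP_GRE_PROTO)

def ipv4(proto: int, payload: bytes, options: bytes = b"") -> bytes:
    """Build a constructed IPv4 packet (checksum left at 0; nothing checks it)."""
    ihl_words = 5 + len(options) // 4
    header = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl_words, 0,
                         20 + len(options) + len(payload), 0, 0, 64, proto, 0,
                         bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    return header + options + payload

# Constructed samples (documentation addresses, not captured traffic).
TCP_1723 = ipv4(IPPROTO_TCP, struct.pack("!HHIIHHHH", 40000, 1723, 0, 0, 0x5002, 8192, 0, 0))
GRE_PPTP = ipv4(IPPROTO_GRE, struct.pack("!HHHH", 0x2001, 0x880B, 0, 7))
GRE_IPV4 = ipv4(IPPROTO_GRE, struct.pack("!HH", 0x0000, 0x0800))
GRE_PPTP_OPTS = ipv4(IPPROTO_GRE, GRE_PPTP[20:], options=b"\x01\x01\x01\x00")

if __name__ == "__main__":
    for name in ("TCP_1723", "GRE_PPTP", "GRE_IPV4", "GRE_PPTP_OPTS"):
        pkt = globals()[name]
        print(f"{name:14} {classify(pkt):13} fixed-offset={fixed_offset_match(pkt)}")
```

The last sample shows why the fixed offset matters: with four bytes of IP options the GRE protocol type moves to offset 26, so the literal [22:2,b] test no longer sees 0x880B while the header-length-aware match still does.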
