Re: [Shorewall-users] pptpd vpn and Shorewall

Thu, 15 Nov 2007 06:28:22 -0800 

PPTP requires a port 1723/tcp (aka pptp) to be open, along with IP protocol
GRE for it to work.

So, in essence, the /etc/shorewall/rules file should be something like this:

ACCEPT            wan     fw        tcp     pptp
ACCEPT            wan     fw        gre

However, I believe a more ellegant solution is to define it in the
/etc/shorewall/tunnels, as example 6 demonstrates in the man page of
shorewall-tunnels

So, something like this:
pptpserver          wan

Naturally, make sure that your /etc/shorewall/policy default reject/drop
rule is logged somewhere, and tail your message log (/var/log/messages) if
you're not using ulogd to see the rejected packets, and simply tweak
accordingly.

Cheers
Kris


On 11/15/07, Keith Edmunds <[EMAIL PROTECTED]> wrote:
>
> On Thu, 15 Nov 2007 15:01:10 +0100, [EMAIL PROTECTED] said:
>
> > Do you think it is a problem with Shorewall or the pptpd server?
>
> Not enough information. I suggest you follow the advice re asking for
> support as detailed on the Shorewall website, and attach a Shorwewall
> dump.
>
> Keith
>
> --
> Keith Edmunds
>
> ---------------------------------------------------------------
> Tiger Computing is looking for a Linux Support Consultant - see
> http://www.tiger-computing.co.uk/page?27
> ---------------------------------------------------------------
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems?  Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to