I'm running Squid 2.5 and RC.Firewall on a Mandrake 9.1 box. The firewall denies any unrequested outside traffic, but allows anything that IS requested from the inside.
And this is the beginning of my problem. I have a division that may begin using VPN connections to a vendor, and I set up the (sorry) Microsoft Network and Dialup Connections on a Win2k Pro machine to create a VPN client connection. All the choices are generic, so I'm presuming it's making a PPTP connection. And of course, it's not connecting. After 30 seconds, I get a "No answer; error 678" box.

I "tail -30 messages" on the firewall log, but it shows no denials from eth1 or eth0. Going to squid.conf, I added an acl that says "ACL Safe_Ports port 50-51", and did the same for 500. 1701 and 1723 are already open because of an ACL that deems everything from 1024 up to be a "safe_ports". I tried it again, but it's still not working.

When I went to squid-cache.org to look at the FAQ (I did this time!), on the 450k HTML doc (http://squid-docs.sourceforge.net/latest/book-full.html) I did a search for "vpn", "l2tp" and "pptp", but could find nothing. I don't know if that means the subject hasn't been handled or not.

The last detail I can give you is that my Win box is sitting behind a router that passes to another router through frame relay. Then out of that router I go into the other division's network, to eth1 on the Squid box, then on to the outside world. And I'm presuming that my VPN client simply follows the path of my "default gateway", which then should route any non-local-network traffic out its own gateway.

Any idears? TIA.

Eric Geater
I.T. Representative
MSCO, Inc.
731-935-8538
731-431-3742
egeater at mscoinc dot com
