 From:  Paulo Pinto <paulo dot pinto at interacesso dot pt>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  PPTP Server on a Bridged DMZ ?
 Date:  Fri, 26 Nov 2004 17:25:33 +0000

I have a m0n0wall firewall (CD-ROM based, still a 1.1b1) with the 
following setup:

- LAN = 192.168.x.x/24
- WAN = Fixed public IP address
- DMZ = bridged with WAN (filtered, of course)

Everything seemed to be working great, all rules worked as expected ... 
except when I tried to grant PPTP access from the "outside world" to a 
Windows server that sits on the DMZ.
The rules to permit PPTP traffic to that machine seemed to be ignored by 
the firewall: I opened 1723/tcp and GRE to the machine specifically and 
even tried to allow that port and protocol to all of the DMZ ... but still 
couldn't reach the Windows PPTP server.

Then I disabled the PPTP server on the m0n0wall itself... surprise: I 
can reach the Windows PPTP server now.

Is this supposed to be like this? Is there any workaround for this?
I can "live" with the m0n0wall PPTP server off for a few days ... but I 
need to put it back online and still grant access to the Windows PPTP 
server on the DMZ...

Hints, anyone?


Paulo Pinto
paulo dot pinto at interacesso dot pt
+351 96 9830611