 From:  Vincent Fleuranceau <vincent at bikost dot com>
 To:  Mike Zanker <mike at zanker dot org>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] PPTP connections blocked after upgrading to 1.2b7
 Date:  Thu, 24 Mar 2005 13:25:21 +0100
> Just noticed that PPTP no longer works after upgrading to 1.2b7. The
> logs indicate that TCP connections to m0n0wall (via WAN) on port 1723
> are being blocked. I've fixed this by adding a rule on the WAN interface
> to allow TCP from any address to m0n0wall on port 1723.
> 
> This wasn't needed with 1.2b6 - what's changed?
> 

See http://m0n0.ch/wall/beta.php

In particular:

- allow "WAN IP address" as source/destination in firewall rules; reload 
firewall rules when the WAN IP address changes

- the previous change also solves the PPTP VPN server + traffic shaper 
problem (no more NAT redirection to localhost)

I think this is what caused the problem. Most people use a very permissive 
pass rule on the PPTP interface with:

   Source = PPTP clients
   Destination = any

I suppose this is why most people did not notice the change with PPTP...

-- Vincent