On 7/7/05, Jonas Claesson <jonas dot claesson at home dot se> wrote:
> ....story continues....
> Is there any difference in the way FreeBSD and Linux (2.4 kernel)
> handle PPTP/NAT?
> - Client: WinXP
> - "Local"-Firewall: E-Smith (running modified RedHat)
> - PPTP server 1: E-Smith
> - PPTP server 2: Linksys WRT54G running Sveasoft firmware (Linux)
> - PPTP server 3/4: Monowall 1.2b9
> I can connect to both PPTP server 1 & 2 without any issues. Whenever I
> try to connect to a PPTP server running on Monowall my local firewall
> drops all GRE packets from Monowall....why?
Uhm - because there is no rule to allow the packet to pass perhaps?
> For a brief moment today I messed up my local firewall (blocking all
> external access to services) and during that time I was able to connect
> to the Monowall PPTP server.
So, let me get this right:
a) you completely cut yourself off from the network by "messing with"
your firewall rules
b) you were able to connect to m0n0 pptp over some network connection?
I think we're missing a large piece of the picture here, because a)
and b) should be mutually exclusive - either you're firewalled off
completely or not - you cannot have it both ways :) You might have
accidentally blocked TCP/UDP *after* the tunnel was up, in which case
you thought you were blocking everything, but the tunnel doesn't use
TCP/UDP protocols - it uses protocol 47 as mentioned previously.
Can you send in the block reports from your local firewall (hide your
real IPs first)? - and which local firewall are you using - XP
native, Tiny, Kerio, a hardware device, other combo device
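
An added example (not part of the original message) of how block reports like the ones requested above could be sorted into the two halves of a PPTP session: the TCP/1723 control channel and the GRE (IP protocol 47) data. It assumes netfilter LOG-style lines; the sample lines, addresses and function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample drop reports in netfilter LOG style (an assumption about
# the firewall's log format). Addresses are documentation ranges.
SAMPLE_LOG = """\
Jul  7 10:01:02 fw kernel: DROP IN=eth1 OUT=eth0 SRC=198.51.100.7 DST=192.168.1.20 LEN=61 TTL=52 PROTO=47
Jul  7 10:01:03 fw kernel: DROP IN=eth1 OUT=eth0 SRC=198.51.100.7 DST=192.168.1.20 LEN=57 TTL=52 PROTO=47
Jul  7 10:01:05 fw kernel: DROP IN=eth1 OUT= SRC=203.0.113.9 DST=192.0.2.1 LEN=60 TTL=48 PROTO=TCP SPT=40000 DPT=22
Jul  7 10:01:09 fw kernel: DROP IN=eth1 OUT= SRC=203.0.113.9 DST=192.0.2.1 LEN=78 TTL=48 PROTO=UDP SPT=137 DPT=137
"""

FIELD = re.compile(r"(\w+)=(\S*)")
PPTP_CONTROL_PORT = "1723"   # PPTP control channel runs over TCP/1723
GRE_PROTO = {"47", "GRE"}    # tunnel data is GRE, IP protocol 47

def classify_drops(log_text):
    """Count dropped packets per (source, category) from LOG-style lines."""
    counts = Counter()
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        proto = f.get("PROTO")
        if proto is None:
            continue  # not a packet log line
        if proto.upper() in GRE_PROTO:
            kind = "pptp-gre"
        elif proto.upper() == "TCP" and PPTP_CONTROL_PORT in (f.get("SPT"), f.get("DPT")):
            kind = "pptp-control"
        else:
            kind = "other"
        counts[(f.get("SRC", "?"), kind)] += 1
    return counts

def gre_only_sources(counts):
    """Sources whose GRE was dropped while no PPTP control drop was logged."""
    gre = {s for (s, k) in counts if k == "pptp-gre"}
    ctl = {s for (s, k) in counts if k == "pptp-control"}
    return sorted(gre - ctl)

if __name__ == "__main__":
    c = classify_drops(SAMPLE_LOG)
    for (src, kind), n in sorted(c.items()):
        print(f"{src:15} {kind:13} {n}")
    print("GRE dropped, control not dropped:", gre_only_sources(c))
```

A source that shows up only under `pptp-gre` matches the symptom in the thread: the control connection gets through while the protocol 47 packets are blocked.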