• • wrote:
> On 7/7/05, Jonas Claesson <jonas dot claesson at home dot se> wrote:
>>Is there any difference in the way FreeBSD and Linux (2.4 kernel)
>>- Client: WinXP
>>- "Local"-Firewall: E-Smith (running modified RedHat)
>>- PPTP server 1: E-Smith
>>- PPTP server 2: Linksys WRT54G running Sveasoft firmware (Linux)
>>- PPTP server 3/4: Monowall 1.2b9
>>I can connect to both PPTP server 1 & 2 without any issues. Whenever I
>>try to connect to a PPTP server running on Monowall my local firewall
>>drops all GRE packets from Monowall....why?
> Uhm - because there is no rule to allow the packet to pass perhaps?
>>For a brief moment today I messed up my local firewall (blocking all
>>external access to services) and during that time I was able to connect
>>to the Monowall PPTP server.
> So, let me get this right:
> a) you completely cut yourself off from the network by "messing with"
> your firewall rules
> and yet:
> b) you were able to connect to m0n0 pptp over some network connection?
> I think we're missing a large piece of the picture here, because a)
> and b) should be mutually exclusive - either you're firewalled off
> completely or not - you cannot have it both ways :) You might have
> accidentally blocked TCP/UDP *after* the tunnel was up, in which case
> you thought you were blocking everything, but the tunnel doesn't use
> TCP/UDP protocols - it uses protocol 47 as mentioned previously.
> Can you send in the block reports from your local firewall (hide your
> real IPs first)? - and which local firewall are you using - XP
> native, Tiny, Kerio, a hardware device, other combo device?
I'm sorry for my confusing explanations, but it was hard to pinpoint the
exact reason why I suddenly was able to connect to Monowall.
Since I really can't explain in words what's wrong I'll just leave it be
until I have further information.
Thanks for all your efforts!
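
The point made in the quoted reply (a PPTP tunnel carries its data in IP protocol 47, so a filter that only covers TCP/UDP leaves it untouched) can be checked with the added example below, which is not part of the original thread. The packets, addresses (documentation ranges) and the protocol-only `verdict` filter are constructed for illustration.

```python
import struct

TCP, UDP, GRE = 6, 17, 47          # IP protocol numbers
PPTP_CONTROL_PORT = 1723           # PPTP control connection (TCP)
GRE_PROTO_PPP = 0x880B             # protocol type in PPTP's enhanced GRE header

def ipv4(proto, payload, src="192.0.2.10", dst="198.51.100.20"):
    """Build a minimal IPv4 packet (constructed sample, checksum left at 0)."""
    addr = lambda a: bytes(int(x) for x in a.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                      64, proto, 0, addr(src), addr(dst))
    return hdr + payload

def classify(pkt):
    """Return (ip_protocol, label) for a raw IPv4 packet."""
    ihl = (pkt[0] & 0x0F) * 4
    proto, body = pkt[9], pkt[ihl:]
    if proto == TCP and len(body) >= 4:
        sport, dport = struct.unpack("!HH", body[:4])
        label = "pptp-control" if PPTP_CONTROL_PORT in (sport, dport) else "tcp"
        return proto, label
    if proto == GRE and len(body) >= 4:
        flags_ver, ptype = struct.unpack("!HH", body[:4])
        # Enhanced GRE as used by PPTP: version field 1, protocol type 0x880B.
        is_pptp = (flags_ver & 0x7) == 1 and ptype == GRE_PROTO_PPP
        return proto, "pptp-data" if is_pptp else "gre"
    return proto, "udp" if proto == UDP else "other"

def verdict(pkt, blocked_protocols):
    """Hypothetical filter that matches on the IP protocol number only."""
    return "drop" if pkt[9] in blocked_protocols else "pass"

# Constructed samples: one control-channel segment, one tunnelled data packet.
CONTROL = ipv4(TCP, struct.pack("!HH", 49152, PPTP_CONTROL_PORT) + b"\x00" * 16)
DATA = ipv4(GRE, struct.pack("!HHHH", 0x3081, GRE_PROTO_PPP, 0, 1) + b"\x00" * 8)

def demo():
    """Compare a TCP/UDP-only block list with one that also lists GRE."""
    rows = []
    for name, pkt in (("control", CONTROL), ("data", DATA)):
        rows.append((name, classify(pkt)[1],
                     verdict(pkt, {TCP, UDP}),
                     verdict(pkt, {TCP, UDP, GRE})))
    return rows

if __name__ == "__main__":
    for row in demo():
        print(row)
```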