 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] PPTP VPN Server Behind Linksys Firewall
 Date:  Wed, 12 Oct 2005 20:57:36 -0400
On 10/12/05, Joe Catanzaro <jpc at runordie dot com> wrote:
> I'm a first-time m0n0wall user and I'd like to set up m0n0wall as a
> PPTP VPN server behind a Linksys WRT54G firewall. I am able to see
> packets sent to the m0n0wall box, but they are dropped by the
> m0n0wall firewall. The box is plugged into the network through the
> LAN interface and nothing else.

Can't do that.  m0n0wall has to have a default gateway, and that can
only be on the WAN interface.  You'll have to dual home m0n0wall for
it to work.  The rule dropping the traffic is the antispoofing rule,
but it wouldn't matter if that wasn't there since m0n0wall doesn't
know how to return the PPTP traffic to the PPTP client anyway.

Another problem is getting GRE through the Linksys without breaking it
(GRE and NAT don't mix well).  Not sure if Linksys's will forward GRE
properly.

You can save yourself a lot of hassle by using the WRT54G as an AP
only (ideally off a 3rd interface on m0n0wall to protect your LAN from
wireless), and putting in m0n0wall as your firewall.

-Chris