[ previous ] [ next ] [ threads ]
 
 From:  "John Benjamin" <john at thebenjs dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Forwarding PPTP vpn clients to a W2k3 server
 Date:  Mon, 7 Nov 2005 20:50:56 -0800
Excellent! Thanks Chris.

Would the DHCP server running on m0n0wall be the server for auth'd clients
in this pass-through scenario? Or, does the vpn server need to provide an
address to new clients?  It seems like m0n0wall should assign an IP to the
incoming client amd then pass it through to the VPN server for
authentication.  

John 
 

>-----Original Message-----
>From: Chris Buechler [mailto:cbuechler at gmail dot com] 
>Sent: Monday, November 07, 2005 20:41 PM
>Cc: m0n0wall at lists dot m0n0 dot ch
>Subject: Re: [m0n0wall] Forwarding PPTP vpn clients to a W2k3 server
>
>On 11/7/05, James W. McKeand <james at mckeand dot biz> wrote:
>> >
>> > You don't forward GRE, it is a protocol (47).   Perhaps enabling
>> > "support" for Protocol 47 is what the "Forward PPTP Clients..."
>> > feature does?
>>
>> Yes, I think that is what it does. I don't believe there is a 
>> mechanism in the WebGUI to "forward" or allow the GRE protocol on a 
>> inbound NAT rule.
>>
>
>Yeah, you can only forward TCP and UDP protocols with ipnat.  
>GRE is another protocol all together.  That's why the 
>"redirect incoming PPTP connections to" option exists on the 
>PPTP page, to use a PPTP server that's behind NAT.
>
>-Chris
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>