Port 1723 is used to set up the PPTP connection, but the actual traffic is
carried over GRE (a protocol type in its own right).
You will also need to allow GRE from the WLAN interface.
----- Original Message -----
From: "Sandro Kehrlein" <sandro at kehrlein dot de>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Monday, January 02, 2006 2:09 PM
Subject: [m0n0wall] Problem with GRE-Protocoll (VPN over WLAN)
First a small introduction: I use a 3rd NIC for WLAN, here I've
connected a standard AP. I deny all traffic from WLAN to *; except
TCP/UDP from * to m0n0wall:1723. So I am only allowed to login into VPN
(PPTP) from WLAN. To connect to my network or the internet, I have to
connect via VPN and that's all working very fine...
But now I often connect to my office via VPN. So on my laptop are 3
connections: Wireless Network, VPN Tunnel to m0n0wall, VPN Tunnel into
my office. I can access shares on my office workstations, that's not
the problem. But if I try to connect via Remote Desktop Connection to
my office server, I get an error that there are network problems.
There is following entry in the logs: Deny - Interface PPTP - Laptop VPN
IP - Office Server IP (the ISP IP, not the internal IP) - Protocol GRE.
I allow everything from PPTP clients to * - each protocol. Now I added
a second rule, allowing especially GRE. It doesn't help...
Anybody out there who can help me?
Thanks a lot!
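
Added example, not part of the original thread and not m0n0wall's filter code: a simplified first-match rule model showing why a rule for TCP/UDP port 1723 passes the PPTP control connection but never matches the GRE data packets (IP protocol 47, no ports). The addresses, the packets and the rule tuple format are constructed for illustration.

```python
import socket
import struct

TCP, UDP, GRE = 6, 17, 47          # IANA IP protocol numbers
PPP_OVER_GRE = 0x880B              # protocol type in PPTP's enhanced GRE header

def ipv4(proto, payload, src="192.0.2.10", dst="192.0.2.1"):
    """Build a minimal IPv4 packet (constructed sample, checksum left at 0)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def classify(pkt):
    """Extract the fields a packet filter matches on from a raw IPv4 packet."""
    ihl = (pkt[0] & 0x0F) * 4
    body = pkt[ihl:]
    info = {"proto": pkt[9], "dport": None, "pptp_gre": False}
    if info["proto"] in (TCP, UDP):
        info["dport"] = struct.unpack("!H", body[2:4])[0]
    elif info["proto"] == GRE:
        flags_ver, ptype = struct.unpack("!HH", body[:4])
        # PPTP data packets: GRE version 1 carrying PPP; GRE has no ports
        info["pptp_gre"] = (flags_ver & 0x7) == 1 and ptype == PPP_OVER_GRE
    return info

def first_match(rules, pkt):
    """Simplified first-match filter: rule = (action, protocols, dport or None)."""
    info = classify(pkt)
    for action, protos, dport in rules:
        if info["proto"] in protos and dport in (None, info["dport"]):
            return action
    return "deny"                  # nothing matched: default deny

# Constructed samples: PPTP control SYN to port 1723, and one PPTP GRE data packet
CONTROL = ipv4(TCP, struct.pack("!HHIIBBHHH", 40000, 1723, 0, 0, 0x50, 0x02, 8192, 0, 0))
DATA = ipv4(GRE, struct.pack("!HHHHI", 0x3001, PPP_OVER_GRE, 0, 1, 0))

ONLY_1723 = [("pass", {TCP, UDP}, 1723)]
WITH_GRE = ONLY_1723 + [("pass", {GRE}, None)]

if __name__ == "__main__":
    for name, rules in (("1723 only", ONLY_1723), ("1723 + GRE", WITH_GRE)):
        print(name, "control:", first_match(rules, CONTROL), "data:", first_match(rules, DATA))
```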