[ previous ] [ next ] [ threads ]
 From:  Claude Hecker <hecker at ifina dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] PPTP Question
 Date:  Fri, 20 Jan 2006 21:41:10 +0100 (CET)
Yes, as well I use the giveb IP address by the m0n0wall.

That, what I don't understand is ,
everything works from the pptp client side to the lan1 and to the lan2.
Yoo're also able to get access from the lan1 to the pptp client, but not
from the lan2 behind the ipsec tunnel.


Am Fr 20.01.2006 21:15 schrieb dasz <daszylstra at comcast dot net>:

>A simple question comes to mind - when you try to establish a
>connection to
>the pptp client are you using it's IP address as given by Monowall, or
>it's own local IP? you would definitely have to use the one given by
>Monowall . . . . just a thought if you aren't already using it . . . .
>David Zylstra
>(586) 764 9858
>----- Original Message -----
>From: "Claude Hecker" <hecker at ifina dot de>
>To: <m0n0wall at lists dot m0n0 dot ch>
>Sent: Friday, January 20, 2006 2:27 PM
>Subject: [m0n0wall] PPTP Question
>>Hi List,
>>long time ago we established more than 20 m0n0wall boxes in europe,
>>based on 1.2b3, everything is working perfect.
>>Now I've got a little question:
>>as we configuerd pptp access on differen boxes I was asked how it is
>>possible to get reverse access to the pptp ip
>>address from an destination behind an ipsec tunnel. I'm currently not
>>able to answer, because I've never had such
>>a construction.
>>For better understandings:
>>pptp --> m0n0 ---> ipsec tunnel --> m0n0 --> lan 2
>>this works great! But the reverse site won't work.
>>pptp <-- m0n0 <-- ipsec <-- m0n0 <-- lan2
>>so it is not posible to support such a pptp user via remote desktop,
>>because all the traffic to his ip is blocked.
>>We have tried different rulesb, but without success!
>>Anyone ot ther who can tell me a solution?
>>Claude Hecker
>>PS: it's very amusing the current ongoing discussion about photos! I
>>like it!
>>try { document.title = document.getElementById("subject").innerHTML; }
>>catch (e) { }
>>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch