[ previous ] [ next ] [ threads ]
 
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  Hugues Belanger <hbelanger at 701 dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Redirect PPTP
 Date:  Fri, 1 Aug 2003 10:29:58 +0200 (CEST)
On Thu, 31 Jul 2003, Hugues Belanger wrote:

> Now I have an e-smith server behind the firewall at ip address 10.10.10.25 and
> would like to redirect incoming inbound PPTP connection to this server.
>
> I've enable PPTP redirection to 10.10.10.25 and added the followinf rule:
>
> PPTP clients
> Proto Source Port Destination Port Frag Description
> *  PPTP clients  *  LAN net  *
>
>
> What am I missing ?

For PPTP redirection, you don't have to add any firewall rules - the
concept of the "PPTP clients" interface/network only makes sense when
m0n0wall is playing PPTP server. However, your PPTP server might have
troubles with NAT...

> Also I'm curious why the firewall console is not password protected ?

The serial console? I don't see why it should be - if you have physical
access to the firewall (i.e. you are able to plug something into its
serial port), you might as well disconnect it/take it apart/examine or
erase the CF/... What if you lock yourselves out (e.g. by forgetting the
password)? Commercial products usually have a reset button; the Soekris
doesn't, so you need to be able to reset it in some other way without
having to reflash the CF. The webGUI is password protected.

- Manuel