|
||||||||||
Thanks for the info I'll concentrate on my PPTP server to see if it's seing the inbound request. As for the console protection a totally agree with you that having serial console access is a good idea on the soekris, but what about other platform with keyboard an monitor ? Quoting Manuel Kasper <mk at neon1 dot net>: > On Thu, 31 Jul 2003, Hugues Belanger wrote: > > > Now I have an e-smith server behind the firewall at ip address 10.10.10.25 > and > > would like to redirect incoming inbound PPTP connection to this server. > > > > I've enable PPTP redirection to 10.10.10.25 and added the followinf rule: > > > > PPTP clients > > Proto Source Port Destination Port Frag Description > > * PPTP clients * LAN net * > > > > > > What am I missing ? > > For PPTP redirection, you don't have to add any firewall rules - the > concept of the "PPTP clients" interface/network only makes sense when > m0n0wall is playing PPTP server. However, your PPTP server might have > troubles with NAT... > > > Also I'm curious why the firewall console is not password protected ? > > The serial console? I don't see why it should be - if you have physical > access to the firewall (i.e. you are able to plug something into its > serial port), you might as well disconnect it/take it apart/examine or > erase the CF/... What if you lock yourselves out (e.g. by forgetting the > password)? Commercial products usually have a reset button; the Soekris > doesn't, so you need to be able to reset it in some other way without > having to reflash the CF. The webGUI is password protected. > > - Manuel > |