[ previous ] [ next ] [ threads ]
 
 From:  Hugues Belanger <hbelanger at 701 dot com>
 To:  Hugues Belanger <hbelanger at 701 dot com>
 Cc:  Manuel Kasper <mk at neon1 dot net>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Redirect PPTP
 Date:  Fri, 1 Aug 2003 10:14:07 -0400 
Ok I've tested everything and the request in not getting to my PPTP server 
behind the firewall. any ideas ?





Quoting Hugues Belanger <hbelanger at 701 dot com>:

> Thanks for the info I'll concentrate on my PPTP server to see if it's seing
> the 
> inbound request.
> 
> As for the console protection a totally agree with you that having serial 
> console access is a good idea on the soekris, but what about other platform
> 
> with keyboard an monitor ?
> 
> 
> 
> 
> Quoting Manuel Kasper <mk at neon1 dot net>:
> 
> > On Thu, 31 Jul 2003, Hugues Belanger wrote:
> > 
> > > Now I have an e-smith server behind the firewall at ip address
> 10.10.10.25
> > and
> > > would like to redirect incoming inbound PPTP connection to this server.
> > >
> > > I've enable PPTP redirection to 10.10.10.25 and added the followinf
> rule:
> > >
> > > PPTP clients
> > > Proto Source Port Destination Port Frag Description
> > > *  PPTP clients  *  LAN net  *
> > >
> > >
> > > What am I missing ?
> > 
> > For PPTP redirection, you don't have to add any firewall rules - the
> > concept of the "PPTP clients" interface/network only makes sense when
> > m0n0wall is playing PPTP server. However, your PPTP server might have
> > troubles with NAT...
> > 
> > > Also I'm curious why the firewall console is not password protected ?
> > 
> > The serial console? I don't see why it should be - if you have physical
> > access to the firewall (i.e. you are able to plug something into its
> > serial port), you might as well disconnect it/take it apart/examine or
> > erase the CF/... What if you lock yourselves out (e.g. by forgetting the
> > password)? Commercial products usually have a reset button; the Soekris
> > doesn't, so you need to be able to reset it in some other way without
> > having to reflash the CF. The webGUI is password protected.
> > 
> > - Manuel
> > 
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>