[ previous ] [ next ] [ threads ]
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Using VPN PPTP over WAN
 Date:  Thu, 11 Nov 2010 08:42:06 -0500
On 11/10/2010 08:57 PM, Victor Di Girolamo wrote:
> Hi,
> For 3 days i am trying to set the firewall rules to allow VPN PPTP connection over the WAN
interface. I know the VPN server is properly configure because when i uncheck "Block private
networks" under Interface/WAN configuration, everything work fine. So i tired different rules and
NAT to allow connection to bypass the "Block private networks" but nothing seem to work. Also i
check the logs while attempting a connection and the firewall seem to block port that i made special
rules to allows access!
> I tried to copy that example (http://doc.m0n0.ch/handbook/faq-webGUI-from-WAN.html) which allow
access to the firewall webui from wan (of course i change the settings, port 1723 and gre proto) but
no success
> Did anyone know the trick to enable that feature without compromise security ?

Describe your networks...  I am betting there is a private network 
involved, which is why the block rule blocks it...

Also, the "Block private network" rule is not the shining star of 
security.  The real thing that compromises it is the "Default LAN -> 
Any" rule.