[ previous ] [ next ] [ threads ]
 
 From:  Welby McRoberts <lists at bordem dot net>
 To:  David Cook <david dot cook at jetpress dot com>
 Cc:  "'m0n0wall at lists dot m0n0 dot ch'" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] GRE Tunnels
 Date:  Tue, 30 Mar 2004 09:16:37 +0100
Hi David,

>I assume you mean GRE in the context of PPTP?
>
>  
>
I'm actually meaning GRE Tunnels for either Linux (using iproute2) or 
eventually for Cisco IOS when i can afford a proper switch.

>m0n0wall is really flexible on this, you will find most of the configuration
>options at 'VPN: PPTP'. On this page you can configure m0n0wall to act as a
>PPTP end point or redirect PPTP traffic to a NATed host on the inside of the
>firewall. In either scenario the remote end of the tunnel needs to point at
>the WAN address of the m0n0wall. Note that the PPTP redirection option
>configures the correct firewall rules for the GRE and TCP protocol 1723
>automatically.
>  
>

I've tried forwarding the PPTP traffic to the host where the tunnels 
will end but with no avail

>We are lucky enough to have some public IP subnets which are routed to our
>m0n0wall. We are currently using 1:1 NAT to direct traffic from some of the
>public IPs to servers with public services inside the firewall, PPTP
>included. However this works just as well with no NAT using m0n0wall as a
>packet filtering router (which I do at home with another public IP subnet).
>In either of these scenarios you do have to configure the firewall rules
>manually for GRE and TCP protocol 1723. It is not necessary to configure
>PPTP redirection on the 'VPN: PPTP' page for 1:1 NAT.
>
>Hope this helps, if not let us know.
>
>
>  
>
>>-----Original Message-----
>>From: Welby McRoberts [mailto:lists at bordem dot net]
>>Sent: 29 March 2004 22:28
>>To: m0n0wall at lists dot m0n0 dot ch
>>Subject: [m0n0wall] GRE Tunnels
>>
>>
>>Hello
>>
>>I am just wondering if it is posibly to either have gre 
>>tunnels running 
>>on m0n0 or have gre packets forwarded toanother host.
>>
>>
>>Thanks
>>
>>Welby
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
>>_______________________________________________________________
>>_________
>>This e-mail has been scanned for all viruses by Star Internet. The
>>service is powered by MessageLabs. For more information on a proactive
>>anti-virus service working around the clock, around the globe, visit:
>>http://www.star.net.uk
>>_______________________________________________________________
>>_________
>>
>>    
>>
>
>JET PRESS LIMITED
>Nunn Close
>Huthwaite
>Nottinghamshire
>NG17 2HW
>UK
>
>Web:	www.jetpress.com
>Tel:	+44-1623-551 800
>Fax: 	+44-1623-551 175
>
>
>Confidentiality Notice 
>This message and its contents are confidential.  The contents are solely for the attention of the
recipient(s) named above and any unauthorised disclosure, copying or distribution is forbidden.  If
you are not the recipient named above, please contact the sender immediately and destroy this
message.  The views expressed in this message are those of the sender and not necessarily those of
JET PRESS LIMITED.
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>  
>

Thanks

Welby