[ previous ] [ next ] [ threads ]
 From:  David Cook <david dot cook at jetpress dot com>
 To:  'Welby McRoberts' <lists at bordem dot net>
 Cc:  "'m0n0wall at lists dot m0n0 dot ch'" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] GRE Tunnels
 Date:  Tue, 30 Mar 2004 09:51:47 +0100
>-----Original Message-----
>From: Welby McRoberts [mailto:lists at bordem dot net]
>Sent: 30 March 2004 09:17
>To: David Cook
>Cc: ''
>Subject: Re: [m0n0wall] GRE Tunnels
>Hi David,
>I'm actually meaning GRE Tunnels for either Linux (using iproute2) or 
>eventually for Cisco IOS when i can afford a proper switch.
>I've tried forwarding the PPTP traffic to the host where the tunnels 
>will end but with no avail


H'mm, not sure if the PPTP redirection is going to work as you only really
want GRE and not the TCP 1723 control protocol. Is this correct?

From my (basic) understanding of GRE, you shouldn't have an issue with 1:1
NAT and a suitable Firewall rule allowing the GRE traffic. Under this
configuration all traffic is NATed to the specified inside host, subject to
suitable firewall rules. Do you have a public IP address that you can use
for this purpose? Unfortunately you cannot configure inbound NAT using the
m0n0wall WAN address with GRE, only TCP and/or UDP.

If you are creating LAN <-> LAN tunnels you might want to consider the IPSEC
functionality in m0n0wall. This works a treat, though we have only used it
with a m0n0wall at both ends.

Nunn Close
NG17 2HW

Web:	www.jetpress.com
Tel:	+44-1623-551 800
Fax: 	+44-1623-551 175

Confidentiality Notice 
This message and its contents are confidential.  The contents are solely for the attention of the
recipient(s) named above and any unauthorised disclosure, copying or distribution is forbidden.  If
you are not the recipient named above, please contact the sender immediately and destroy this
message.  The views expressed in this message are those of the sender and not necessarily those of