[ previous ] [ next ] [ threads ]
 
 From:  Chet Harvey <chet at pittech dot com>
 To:  "Herron, David S" <DSHerron at nbc dot edu>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] PPTP through m0n0 not authenticating
 Date:  Fri, 13 Aug 2004 14:41:48 -0400
ok I may be slow but is this is essesnce what you network looks like?

WiFi DMZ/LAN
  |
  |
M0n0wall
  |
  |
WAN Segment
  |
  |
Firewall
  |
  |
VPN Concentrator

Chet Harvey
Pitbull Technologies <http://www.pittech.com/> 
Protecting your Digital Assets
703.407.7311


Quoting "Herron, David S" <DSHerron at nbc dot edu>:

> I can't seem to get PPTP to work through m0n0wall.  I am trying to
> connect from a host on my LAN connection to a Windows 2000 VPN server
> outside (WAN) using the XP PPTP client.  If I place my client on the WAN
> subnet (outside the firewall) everything works perfectly.  I am using
> v1.1b16.  I am using captive Portal, everything there works as expected.
> My rules (right now) are set to pass all packets (three rules):
> 
>  
> 
> WAN ALLOW Prot * Source * Port * Dest * 
> 
> PPTP ALLOW Prot * Source * Port * Dest * ( I have tried with and without
> this rule)
> 
> LAN ALLOW Prot * Source * Port * Dest * 
> 
>  
> 
> Allow fragmented packets is on for all 3 rules, due to another msg in
> the list concerning PPTP
> 
> Outbound NAT is checked 'Enable advanced outbound NAT'.
> 
> VPN: PPTP on m0n0 is set to 'OFF'.
> 
> VPN: IPSEC on m0n0 is not enabled.
> 
> Traffic shaping has been tried both enabled and disabled.
> 
> Generic PC version w/ CDROM and floppy
> 
>  
> 
> Client seems to connect, but can't authenticate.  It goes from
> 'Connecting to <vpn host name>' to 'Verifying username and password'.
> It sits there until it times out.  Again, if the client is put on the
> WAN side, the connection goes through perfectly.  M0n0 is being used
> primarily for captive portal support for a campus wireless
> implementation but LAN users on the wireless network (LAN side) will
> need to VPN into corporate network (on other side of another firewall on
> WAN connection) after captive portal allows their login and connection.
> 
>  
> 
> Any suggestions?
> 
> BTW Manuel - Amazing product, keep up the great work!
> 
>  
> 
> Thanks,
> 
> David Herron  --
> dsherron{remove-spamfree}{-at-}{remove-nospam}nbc{-dot-}edu
> 
>