Réf. : re. another vpn problem

R.DAVIDOVICH@cvitkovic-ac.fr R.DAVIDOVICH@cvitkovic-ac.fr
Wed, 24 Oct 2001 13:19:42 +0200 

Hello,
     In theory (with windows it can be far away from reality) you just need
to open up the port 1723-tcp (PPTP port) and the IP protocol 47 (GRE
something.. used for the authentication process).

What I did is:

     #allow IP protocol 47 connections from anywhere
     iptables -A YOURCHAIN -m state --state NEW -p 47 -s 0/0 -d
YOURVPNSERVERIP -j ACCEPT

     #allow incoming TCP connections to port 1723 of the VPN server from
anywhere
     iptables -A YOURCHAIN -m state --state NEW -p TCP -s 0/0 -d
YOURVPNSERVERIP --dport 1723 -j ACCEPT

Normally this should work.. if not, you can try as well to allow
connections from your server to the world...

hope this will help

Best regards

---------------------------------------------------
Raul Davidovich
Responsable Informatique
Cvitkovic & Associés Consultants

(33) 1 45 15 40 68
(33) 1 45 15 40 41 Fax
-------------------------------------------------------
http://www.caconcology.com


|--------+----------------------->
|        |          Shekhar Joshi|
|        |          <gotyajoshi@y|
|        |          ahoo.com>    |
|        |                       |
|        |          24/10/2001   |
|        |          11:38        |
|        |                       |
|--------+----------------------->
  >--------------------------------------------------------------------------
-------------------------------------------------------------------|
  |
|
  |       Pour :  r.davidovich@cvitkovic-ac.fr
|
  |       cc :
|
  |       Objet :      re. another vpn problem
|
  >--------------------------------------------------------------------------
-------------------------------------------------------------------|




hello
saw your posting at netfilter mailing list. i too have
a vpn configuration problem i can make out going
connections but no incoming connections. in fact i had
posted the problem on the mailing list.

from your posting it seems you can make outgoing as
well as incoming connections for client winMe and
above.
i would be happy if you could give me some inputs or a
sample fw script which i can study and implement./

thanks in advance

shekhar



__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com