Linux Firewall & Microsoft PPTP (VPN) Problem.

Post by Simon Morle » Wed, 17 Sep 1997 04:00:00



Hi All,
    I am trying to set up a VPN from one Microsoft NT4 Server to another
using the Routing and Remote Access service release from Microsoft.

The problem is that our server here is behind a Linux firewall. The
network is currently set up using private address block 192.168.0.0
addresses as follows :-

Linux Firewall
192.168.1.1--------------------------[Office Network : 192.168.1.0 Addresses]
         |
         |
         *---------[ NT4 Server : Office Side [192.168.1.40]
                         [ NT Dev Network Side    [192.168.2.0]]
                                               |
                                               *------[NT Development Network : 192.168.2.0 Addresses]

What I need to do is link our Dev Network to another Dev Network on a
remote site, so what I am thinking of doing is say assigning
192.168.200.0 Address pool to the VPN, and give stations that need to
have access to the VPN both an internal network IP Address and a VPN
(192.168.200.0) address.

The main problem is getting through the Linux Firewall, I understand
that PPTP uses a TCP connection on port 1723. What I need is a method
which would allow either end of the VPN to initiate the connection. I
was just going to use something like tcpf to relay the connection, but
that would work only one way.

Another possible solution would be to install PPTP on the Linux server,
I gather that there is support for it in later 2.0 and 2.1 kernels but
with our encryption which would be useless :(

Has anyone got any suggestions, surely someone else has been in this
position, what did you do ?

Any help would be greatly appreciated !

Simon Morley

 
 
 

Post by Bob Smar » Fri, 19 Sep 1997 04:00:00



> The main problem is getting through the Linux Firewall, I understand
> that PPTP uses a TCP connection on port 1723.

Not JUST TCP port 1723.  It also uses IP protocol 47 (GRE).

> Another possible solution would be to install PPTP on the Linux server,
> I gather that there is support for it in later 2.0 and 2.1 kernels but
> with our encryption which would be useless :(

There is?  Are you talking about the IPIP option, or is there an actual
PPTP client implemented somewhere?
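
Added example (not part of either post above): a Python sketch of the point made in the reply, that PPTP needs both TCP port 1723 and IP protocol 47 (GRE). It classifies raw IPv4 packets and checks whether a filtering policy admits both channels, which is why a TCP-only relay cannot carry the tunnel. The GRE version 1 and protocol type 0x880B checks follow RFC 2637 and are assumptions not stated in the thread; the sample packets and the 203.0.113.10 peer address are constructed.

```python
import socket
import struct

PPTP_PORT = 1723               # TCP control channel (named in the thread)
PROTO_TCP, PROTO_GRE = 6, 47   # 47 = GRE data channel (named in the thread)
PPTP_GRE_TYPE = 0x880B         # PPP-over-GRE protocol type, RFC 2637 (assumption, not in the thread)

def classify(packet: bytes) -> str:
    """Label a raw IPv4 packet: pptp-control, pptp-data, other-gre, other or malformed."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "malformed"
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        return "malformed"
    proto = packet[9]
    if proto not in (PROTO_TCP, PROTO_GRE):
        return "other"
    if len(packet) < ihl + 4:           # need the first four payload bytes to decide
        return "malformed"
    first, second = struct.unpack("!HH", packet[ihl:ihl + 4])
    if proto == PROTO_TCP:              # first/second = source and destination port
        return "pptp-control" if PPTP_PORT in (first, second) else "other"
    # GRE: first = flags and version (low 3 bits), second = protocol type
    is_pptp = (first & 0x7) == 1 and second == PPTP_GRE_TYPE
    return "pptp-data" if is_pptp else "other-gre"

def tunnel_passes(allowed: set, packets: list) -> bool:
    """True only if the policy admits every PPTP packet class seen in the flow."""
    needed = {label for label in map(classify, packets) if label.startswith("pptp-")}
    return bool(needed) and needed <= allowed

def ipv4(proto: int, payload: bytes, src="192.168.1.40", dst="203.0.113.10") -> bytes:
    # Constructed sample header; checksum stays 0 because classify() never checks it.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst)) + payload

# Constructed samples: a SYN to port 1723 and an enhanced-GRE (version 1) data packet.
CONTROL = ipv4(PROTO_TCP, struct.pack("!HHIIBBHHH", 1030, 1723, 0, 0, 0x50, 0x02, 8192, 0, 0))
DATA = ipv4(PROTO_GRE, struct.pack("!HHHHI", 0x3001, PPTP_GRE_TYPE, 0, 1, 0))
FLOW = [CONTROL, DATA]

if __name__ == "__main__":
    print("TCP 1723 only: ", tunnel_passes({"pptp-control"}, FLOW))
    print("TCP 1723 + GRE:", tunnel_passes({"pptp-control", "pptp-data"}, FLOW))
```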