AW: [Shorewall-users] Debian pptpd
Mon, 1 Jul 2002 16:30:12 +0200
tom has good infos at: http://www.shorewall.net/PPTP.htm
i am running poptop on a suse 7.3
(you must patch ppp and the kernel to get it work with encryption)
no troubles with xp, 2000 and nt4.0 clients.
are you running a personal firewall on you xp system?
my options file:
let me know if you need my perfekt working shorewall files.
[mailto:email@example.com]Im Auftrag von Charles J.
Gesendet: Montag, 01. Juli 2002 16:02
Betreff: RE: [Shorewall-users] Debian pptpd
You don't have to use encryption, but it's not a bad idea.
Make sure you have a rule like this:
ACCEPT net $FW 47
ACCEPT net $FW tcp 1723
I think that's right. The first one is to allow protocol 47 ... GRE
tunnel IIRC (probably wrong .. Been a while) and the second one, tcp
port 1723 is for making the actual connection. The GRE protocol is
basically how the data is encapsulated.
I run PoPToP (pptpd) (http://www.poptop.org) on a Mandrak 8.2 system.
The only problem I have with XP clients is after disconnect, they have
to reboot to connect again. Meanwhile, 9x/ME clients can disconnect and
reconnect all day long without rebooting. It could be something with
the XP configuration, I haven't really looked into it yet.
Also, if you're not using encryption, make sure you turn on the "require
encryption" on you XP clients. I believe you have to go into the
"advanced" settings in the security tab for the connection and turn
encryption off or make it optional.
Hope this helps.