[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SuSEfirewall2 & MS/VPN



Hello,

OK. So we have something like

FW_FORWARD="0/0,123.456.78.9,tcp,1723 0/0,123.456.78.9,gre,1723

and allow appropriate connections through the firewall from the MS/VPN machine 
to the internal network if required.

Andy

On Monday 28 July 2003 13:09, Marc Samendinger wrote:
> > -----Original Message-----
> > From: Andy Bennett [mailto:andy@xxxxxxxxxxxxxxxxxxxxx]
> > Sent: Monday, July 28, 2003 2:14 PM
> >
> >
> > Hello,
>
> Hello Andy,
>
> > When you say:-
> >
> > > 'You can put the M$ box behind
> > > a suse firewall if you have an official IP for the box,
> >
> > too. Then just
> >
> > > close all exept the PPTP Port and the maschine is as safe as in your
> > > currently setup it would be (if it would work ;)'
> >
> > Do you mean fixed IP address for the SuSEfirewall2 box or the
> > MS VPN box? In
> > fact, I have fixed IP addresses for both and they are both publicly
> > available. So, if my fixed IP address for my MS VPN machine
> > is 123.456.78.9
> > then I should be able to forward packets like so,
> >
> > FW_FORWARD="0/0,123.456.78.9,tcp,1723
>
> In addition to tcp 1723 the VPN uses the protocol GRE
> Take a look at following MS Knowledge Base article
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;241251
>
> hey that one is really good IMHO ;)
>
> *snip*
>
> > Rgds
> > Andy
>
> marc


--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here