[ale] VPN and Linux firewall

Geoffrey esoteric at 3times25.net
Tue Jul 2 14:01:48 EDT 2002


Matthew Brown wrote:
> It's an NT 4.0 firewall running PPTP

So, I assume you have a machine inside your firewall that is masqed 
through it?  And you want to be able to do the pptp stuff that route?

The solution is different depending on kernel version and whether you're 
using ipchains or iptables.

Check out the following:

http://www.tldp.org/HOWTO/VPN-Masquerade-HOWTO.html

That may be all you need depending on what all you want to do, you might 
check out:

http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/

Inparticularily:

http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/vpns.html

Let me know if you get stuck.  You may need to recompile your kernel for 
the gre stuff.
> 
> Best regards,
> Matthew Brown, President
> CorData, Inc.
> O: (770) 795-0089
> F: (404) 806-4855
> E: matthew.brown at cordata.net
> 
> 
> -----Original Message-----
> From: Geoffrey [mailto:esoteric at 3times25.net] 
> Sent: Tuesday, July 02, 2002 11:29 AM
> To: Matthew Brown
> Cc: ale at ale.org
> Subject: Re: [ale] VPN and Linux firewall
> 
> 
> My vpn no longer passes through my firewall, but at one time it did and 
> I had both firewalls configured to properly handle both ipsec and pptp. 
>   Which protocol does your vpn use?
> 
> Matthew Brown wrote:
> 
>>Has anyone successfully configured a basic 2.4.18 kernel for use as a
>>firewall with VPN.
>>
>> 
>>
>>I have everything humming along nicely, but the VPN just won't work.
>>
>> 
>>
>>Best regards,
>>
>>Matthew Brown, President
>>
>>CorData, Inc.
>>
>>O: (770) 795-0089
>>
>>F: (404) 806-4855
>>
>>E: matthew.brown at cordata.net <mailto:matthew.brown at cordata.net>
>>
>> 
>>
>>
> 
> 


-- 
Until later: Geoffrey		esoteric at 3times25.net

I didn't have to buy my radio from a specific company to listen
to FM, why doesn't that apply to the Internet (anymore...)?


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list