Sidewinder 4.01 and GRE
Tina Bird
tbird at secnetgroup.com
Sat Sep 4 13:09:42 EDT 1999
Hi Pat --
Did you configure the Sidewinder packet filters to allow
the GRE traffic? That involves a combination of COBRA
work and command line editing. The specific instructions
are available at
http://kubarb.phsx.ukans.edu/~tbird/vpn.html
(click on How-To). I actually wrote the Sidewinder PPTP
doc myself, so feel free to ask if this doesn't work.
One caveat -- information from the packet filters doesn't
make it into /var/log/audit.asc, so debugging can be a little
awkward...
hope this helps -- Tina
On Sat, 4 Sep 1999, Pat Bryan wrote:
> Date: Sat, 4 Sep 1999 08:16:07 -0500
> From: Pat Bryan <pbryan at acrux.net>
> To: vpn at listserv.secnetgroup.com
> Subject: Sidewinder 4.01 and GRE
>
> Howdy,
>
> I am attempting to configure PPTP through my SC Sidewinder. I have allowed
> specific class "C" addresses designated by my ISP, into the external side of
> the firewall. I have opened port 1723 and get the initial connection, but
> GRE seems unable to pass.. I.E., when I do a tcpdump on the external side of
> the firewall.. I get something like this..
>
>
> #.#.#.51 > #.#.#.10 IP-PROTO-47 GRE
> #.#.#.51 > #.#.#.10 IP-PROTO-47 GRE
> #.#.#.51 > #.#.#.10 IP-PROTO-47 GRE
> #.#.#.51 > #.#.#.10 IP-PROTO-47 GRE
> #.#.#.51 > #.#.#.10 IP-PROTO-47 GRE
>
> (51 is the dialup node, 10 is the firewall).. And then I am disconnected...
> Any ideas would be greatly appreciated..
>
> Thanks,
> Pat
>
> ****************************************************************
> TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com
>
> The VPN FAQ (under construction) is available at
> http://kubarb.phsx.ukans.edu/~tbird/FAQ.html
>
> We are currently experiencing "unsubscribe" difficulties. If you
> wish to unsubscribe, please send a message containing the single line
> "unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com
>
> ****************************************************************
>
****************************************************************
TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com
The VPN FAQ (under construction) is available at
http://kubarb.phsx.ukans.edu/~tbird/FAQ.html
We are currently experiencing "unsubscribe" difficulties. If you
wish to unsubscribe, please send a message containing the single line
"unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com
****************************************************************
More information about the VPN
mailing list