PPTP server

David Gillett dgillett at NIKU.COM
Fri Feb 25 14:48:33 EST 2000

  TCP is IP protocol no 6.  UDP is no 17.  I think ICMP is no 1.  Port
numbers are a feature of TCP and UDP; ICMP has "types" and other IP
protocols may or may not have mechanisms for identifying subsets.  GRE is a
separate IP protocol, and does not use port numbers within TCP or UDP.
  It is quite possible that your router is blocking GRE; in general,
firewalls block everything except what they are told to allow.

David Gillett
Enterprise Server Manager, Niku Corp.
(650) 701-2702
"Transforming the Service Economy"

-----Original Message-----
From: VPN Mailing List [mailto:VPN at SECURITYFOCUS.COM]On Behalf Of John
Sent: February 24, 2000 20:37
Subject: Re: PPTP server

> installed on the hosts. And if one is using PPTP in all
> probability it would need to be able to go through a
> firewall. For the firewall to allow PPTP traffic to flow
> through it you would need the following to be opened
> between the relevant sources/destinations...
> TCP port 1723 and IP protocol no 47 (which is GRE).

I'm a bit confused by IP protocol no 47.  Is this a port number or
something else?  We have a person attempting to connect via pptp thru
our firewall router and we generally block ports below 1024.  I did a
tcpdump and can see connections going to port 1723 and acks coming back
but it dies at some point in the negotiations.  Does port 47 have to be
open or might the router be blocking protocol no 47 (GRE)?


> -sandy
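
The distinction discussed in this thread, shown as an added example that is not part of the original messages: a default-deny filter that matches on the IP protocol field first and on ports only for TCP and UDP, run against a constructed PPTP session. The function names, the rule format, the addresses and the sample packets are all assumptions made for illustration.

```python
import socket
import struct

def ipv4_packet(proto, payload, src="192.0.2.10", dst="198.51.100.5"):
    """Build a minimal IPv4 packet (constructed sample, checksum left at 0)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload

def classify(packet):
    """Return (ip_protocol_number, destination_port_or_None)."""
    ihl = (packet[0] & 0x0F) * 4      # IPv4 header length in bytes
    proto = packet[9]                 # IP protocol field: 1 ICMP, 6 TCP, 17 UDP, 47 GRE
    if proto in (6, 17) and len(packet) >= ihl + 4:
        dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
        return proto, dport           # only TCP and UDP carry port numbers
    return proto, None                # GRE, ICMP, ...: no port field to match

def permitted(packet, rules):
    """Default deny: pass only if some (proto, port) rule matches.
    A rule port of None means the protocol has no ports / any port."""
    proto, dport = classify(packet)
    return any(p == proto and (port is None or port == dport)
               for p, port in rules)

# Constructed PPTP session: TCP control channel to 1723, then a GRE data packet.
TCP_CTRL = ipv4_packet(6, struct.pack("!HH", 40000, 1723) + b"\x00" * 16)
GRE_DATA = ipv4_packet(47, b"\x00" * 12)   # placeholder GRE bytes, not a real header
UDP_47 = ipv4_packet(17, struct.pack("!HHHH", 40000, 47, 8, 0))

# Misreading "47" as a port: the control channel passes, the GRE data does not.
PORT_47_RULES = [(6, 1723), (6, 47), (17, 47)]
# What the thread describes: TCP port 1723 plus IP protocol 47.
PPTP_RULES = [(6, 1723), (47, None)]

def session_passes(rules):
    """True only if both halves of the PPTP session get through."""
    return permitted(TCP_CTRL, rules) and permitted(GRE_DATA, rules)

if __name__ == "__main__":
    for name, rules in (("port 47 opened", PORT_47_RULES),
                        ("protocol 47 allowed", PPTP_RULES)):
        print(name, "control:", permitted(TCP_CTRL, rules),
              "data:", permitted(GRE_DATA, rules))
```

With the port-based rules the TCP handshake to 1723 succeeds and the session then stalls, which matches the tcpdump symptom described in the question.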

