PPTP server

David Gillett dgillett at NIKU.COM
Fri Feb 25 14:48:33 EST 2000


  TCP is IP protocol no 6.  UDP is no 17.  I think ICMP is no 1.  Port
numbers are a feature of TCP and UDP; ICMP has "types" and other IP
protocols may or may not have mechanisms for identifying subsets.  GRE is a
separate IP protocol, and does not use port numbers within TCP or UDP.
  It is quite possible that your router is blocking GRE; in general,
firewalls block everything except what they are told to allow.

David Gillett
Enterprise Server Manager, Niku Corp.
(650) 701-2702
"Transforming the Service Economy"

-----Original Message-----
From: VPN Mailing List [mailto:VPN at SECURITYFOCUS.COM]On Behalf Of John
Hayward
Sent: February 24, 2000 20:37
To: VPN at SECURITYFOCUS.COM
Subject: Re: PPTP server


> installed on the hosts. And if one is using PPTP in
> all
> probability it would need to be able to go through a
> firewall. For the Firewal to allow PPTP traffic to
> flow
> through it you would need the following to be opened
> between the relevant sources/desinations...
> TCP port 1723 and IP protocol no 47 (which is GRE).

I'm a bit confused by IP protocol no 47.  Is this a port number or
something else.  We have a person attempting to connect via pptp thru
our firewall router  and we generally block ports below 1024.  I did a
tcpdump and can see connections going to port 1723 and acks coming back
but it dies at some point in the negociations.  Does port 47 have to be
open or might the the router be blocking protocol no 47 (GRE)?

TIA

johnh...
>
> -sandy

VPN is sponsored by SecurityFocus.COM

VPN is sponsored by SecurityFocus.COM




More information about the VPN mailing list