
GRE 1

Status
Not open for further replies.

peterve

IS-IT--Management
Mar 19, 2000
1,348
NL
Hi,

What rule do I have to create to allow GRE traffic through my firewall (for PPTP)?
Thanks
Peter Van Eeckhoutte
peter.ve@pandora.be

 
Details on is fine,
but it needs some modification, explained below.

Assuming the (statically translated) PPTP server is on the Internal network and the PPTP client is on the External network, you need to create and add one more object to the outbound rule. Create an object for the valid address of the PPTP server and put it in the source of the outbound rule and it will work.


The problem is that FW-1 does the translation before it applies the rules, so if you don't put in the object for the valid address, it will get dropped.


(Generally speaking) the rules should look something like this...


(rule 1)  Source: Client | Destination: PPTP-invalid | Service: (PPTP svcs) | Action: Accept

(rule 2)  Source: PPTP-invalid, PPTP-valid | Destination: Client | Service: (PPTP svcs) | Action: Accept


Good Luck !
MN
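
An added example, not part of the original posts and not FW-1 code: a small Python model of the ordering the reply above describes (translation first, then first-match rules), showing why the outbound rule needs the valid address in its source. All names and addresses are constructed, and "(PPTP svcs)" is assumed to mean TCP 1723 plus GRE (IP protocol 47).

```python
from dataclasses import dataclass
from typing import Optional

# Assumption: "(PPTP svcs)" = PPTP control channel (TCP 1723) + GRE (IP protocol 47).
PPTP_SVCS = frozenset({("tcp", 1723), ("gre", None)})

# Constructed sample addresses, not taken from the thread.
PPTP_INVALID = "10.0.0.5"    # server's private (internal) address
PPTP_VALID = "192.0.2.5"     # its statically translated address
CLIENT = "198.51.100.7"      # external PPTP client
STATIC_NAT = {PPTP_INVALID: PPTP_VALID}

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    port: Optional[int] = None   # GRE has no ports

@dataclass(frozen=True)
class Rule:
    sources: frozenset
    dests: frozenset
    services: frozenset
    action: str = "Accept"

def translate(pkt):
    """Static NAT: outbound source invalid->valid, inbound destination valid->invalid."""
    reverse = {valid: invalid for invalid, valid in STATIC_NAT.items()}
    return Packet(STATIC_NAT.get(pkt.src, pkt.src),
                  reverse.get(pkt.dst, pkt.dst), pkt.proto, pkt.port)

def decide(rules, pkt):
    """Translate first (the ordering the reply describes), then first match; else drop."""
    p = translate(pkt)
    for r in rules:
        if p.src in r.sources and p.dst in r.dests and (p.proto, p.port) in r.services:
            return r.action
    return "Drop"

def rule_base(include_valid):
    """Rules 1 and 2 from the reply; include_valid adds PPTP-valid to rule 2's source."""
    out_src = {PPTP_INVALID, PPTP_VALID} if include_valid else {PPTP_INVALID}
    return [
        Rule(frozenset({CLIENT}), frozenset({PPTP_INVALID}), PPTP_SVCS),
        Rule(frozenset(out_src), frozenset({CLIENT}), PPTP_SVCS),
    ]

if __name__ == "__main__":
    gre_reply = Packet(PPTP_INVALID, CLIENT, "gre")   # server -> client tunnel traffic
    print("without PPTP-valid:", decide(rule_base(False), gre_reply))
    print("with PPTP-valid:   ", decide(rule_base(True), gre_reply))
```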
 