Win 2000 VPN and Linux Firewall

[OUCATS]

I am setting up a new VPN for employees working from home and I'd like any help on doing it right. I am thinking that the Windows 2000 Server VPN would probably work, but I also have a Linux Firewall to deal with. The windows part I understand pretty well, it's the Linux firewall that I'm new to. Is there anything I need to be aware of with communicating through the Linux firewall??? Or any suggestions on the best way to set up a VPN like I'm talking about??? Thanks in advance.

 

[LKT]

Follow the tids on technet.microsoft.com and in the server help for the 2000 config, that side is very easy.

The key things for the firewall is to tell it to allow certain ports through to the 2000 VPN server. I cant remember exactly what ports they are (1501 tcp, some udp springs to mind) but they are detailed in the server help. If the VPN server is internal with no public IP, then the firewall will need to NAT forward the ports to the VPN server.

The problem most people find is that they forget to allow outgoing packets to be sent on certain ports aswell. The procedure to follow is basically allow incoming and outgoing on those ports.

Hope that helps, Cheers Andy.

 

[FilthPig]

We're running a 2000 VPN through a linux firewall, and the linux forwarding gave us such a headache. If you're running PPTP, you need to open port 1723 to GRE traffic. GRE is Generic Routing Encapsulation, IP protocol 47 (as opposed to TCP or UDP). If you have a somewhat recent linux distro you should have support for that. Even with that support, we had such a hard time getting the traffic to forward correctly that we ended up installing a pptp proxy program that can be downloaded 100% free from

http://www.mgix.com/pptpproxy/

It's worked great for us so far.
Marc Creviere