[ale] [OT - MS Bashing][Fwd: Firewall]
Jonathan Glass
jonathan.glass at ibb.gatech.edu
Thu Mar 6 12:44:48 EST 2003
Hehe. Someone I know is trying to get PPTP to work through their Linux
firewall (worked fine until they rebooted), and decided to test the VPN
box (Windows 2000 server) outside the firewall. Here is his email to
me. I especially love the "Microsoft said" part.
BTW, the problem was that the "ip_masq_pptp" kernel module wasn't
loading at boot.
Jonathan Glass
-----Forwarded Message-----
From: <snip>
To: jonathan.glass at ibb.gatech.edu
Subject: Firewall
Date: 06 Mar 2003 11:21:44 -0500
Jonathan,
I tried putting the vpn outside the firewall, but had some problems.
Microsoft said I should keep the vpn behind the firewall because it is not
the greatest for security.
I am paraphrasing.
Anyway I am trying to understand the rules you have and cannot find
information on the commands. Also I was told to go to the following website
to get a list of the protocols and ports to allow access.
Input Filters
Src addr  Src mask  Dest addr  Dest mask        Protocol  Src port  Dest port  Description
Any       Any       Any        Any              47        Any       Any        GRE
Any       Any       <snip>     255.255.255.255  TCP       1723      Any        PPTP Inbound
Any       Any       <snip>     255.255.255.255  TCP       Any       1723       PPTP Outbound
Any       Any       <snip>     255.255.255.255  UDP       500       500        ISAKMP
Any       Any       <snip>     255.255.255.255  UDP       1701      1701       L2TP
After modifying the Output filters, the displayed matrix would look like:
Src addr  Src mask         Dest addr  Dest mask  Protocol  Src port  Dest port  Description
Any       Any              Any        Any        47        Any       Any        GRE
<snip>    255.255.255.255  Any        Any        TCP       1723      Any        PPTP Inbound
<snip>    255.255.255.255  Any        Any        TCP       Any       1723       PPTP Outbound
<snip>    255.255.255.255  Any        Any        UDP       500       500        ISAKMP
<snip>    255.255.255.255  Any        Any        UDP       1701      1701       L2TP
Director of Computer and Information Resources & CIO
<snip> College
--
Jonathan Glass
Systems Support Specialist II
Institute for Bioengineering & Bioscience
Georgia Institute of Technology
404.385.0127