Shorewall Firewall question
From: Mark L. Cooper (mlcooper54_no_spam__at_aol.com)
Date: 01/14/05
Date: Fri, 14 Jan 2005 17:50:44 -0500
Sorry in advance for such a newbie-type question, but....
Is it possible to pass PPTP packets through 2 firewalls before
they hit the remote access server?
I installed a Netgear ProSafe VPN firewall as the first line of
defense in my network. I have since set up a Fedora Core 2 server
running Shorewall (to configure IPTables), and Squid in
non-transparent mode, between the Netgear unit and my network.
So, the Netgear faces the Internet with a public, static, IP address.
It forwards port 1723 to the 'net' side of the FC2 server. The FC2
DNAT's port 1723 to a W2K server on the local side of the FC2 server.
The Netgear LAN address is 192.168.40.100. This is connected to the
FC2 net address at 192.168.40.115. The FC2 local address is
192.168.50.215, the W2K server is at 192.168.50.201.
Here is the entry from /etc/shorewall/rules:
ACTION  SRCE  DEST                PROTO  DEST  SOURCE   ORIGINAL
                                         PORT  PORT(S)  DEST
DNAT    net   loc:192.168.50.201  tcp    1723  -        192.168.40.115
I haven't been able to get this setup to work.
Any thoughts, suggestions?
Thanks in advance,
Mark
-- Mark L. Cooper Junction City, Ohio USA
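
As an added example (not part of the original post): a small Python check of which PPTP flows the rule row quoted above would translate when traffic arrives at the FC2 net address. It assumes, beyond what the post states, that PPTP uses TCP 1723 for control and GRE (IP protocol 47) for data; the function names are hypothetical and the protocol-47 row is constructed only to exercise the check.

```python
# Rule row as quoted in the post's /etc/shorewall/rules entry.
POSTED_RULE = "DNAT net loc:192.168.50.201 tcp 1723 - 192.168.40.115"
# Constructed row (not from the post) in the same column layout, for comparison.
SAMPLE_GRE_RULE = "DNAT net loc:192.168.50.201 47 - - 192.168.40.115"

# Column order as given by the header in the post.
COLUMNS = ["action", "source", "dest", "proto", "dport", "sport", "orig_dest"]

# Assumption (not stated in the post): the two flows a PPTP session needs.
PPTP_FLOWS = {"control": ("tcp", "1723"), "data": ("47", None)}
PROTO_ALIASES = {"gre": "47", "6": "tcp"}


def parse_rule(line):
    """Split one rules row into named columns; missing columns become '-'."""
    fields = line.split()
    fields += ["-"] * (len(COLUMNS) - len(fields))
    rule = dict(zip(COLUMNS, fields))
    proto = rule["proto"].lower()
    rule["proto"] = PROTO_ALIASES.get(proto, proto)
    return rule


def rule_matches(rule, proto, dport, dst_ip):
    """True if a DNAT row applies to this protocol/port/original destination.
    Handles single ports and comma lists only, not port ranges."""
    if rule["action"] != "DNAT":
        return False
    if rule["orig_dest"] not in ("-", dst_ip):
        return False
    if rule["proto"] not in ("-", "all", proto):
        return False
    if dport is not None and rule["dport"] != "-":
        return dport in rule["dport"].split(",")
    return True


def pptp_coverage(rule_lines, dst_ip):
    """Map each PPTP flow to the internal host it is DNATed to, or None."""
    rules = [parse_rule(l) for l in rule_lines
             if l.strip() and not l.lstrip().startswith("#")]
    report = {}
    for name, (proto, dport) in PPTP_FLOWS.items():
        hit = next((r for r in rules if rule_matches(r, proto, dport, dst_ip)), None)
        report[name] = hit["dest"].split(":", 1)[1] if hit else None
    return report


if __name__ == "__main__":
    # 192.168.40.115 is the FC2 'net' address the Netgear forwards to.
    print(pptp_coverage([POSTED_RULE], "192.168.40.115"))
```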