GRE & PPTP behavior

Unanswered Question
May 5th, 2007

Hi All,

I have at my site a Win2k that I'm using as RRAS & VPN; it has 1 interface on a DMZ, and another on the internal LAN.

As an additional step, I configured an inbound ACL on my gateway's WAN interface {see attached file}.

When I try to initiate a VPN connection with an office, opening GRE & PPTP {tcp port 1723} between the two peers does not make it work; I need to open ip as well.

Any insight please?

m-mneimneh Fri, 05/18/2007 - 04:53

I reordered the ACL entries; I now see multiple types of behavior:

10 permit gre host R1 host (115593 matches)

11 permit tcp host R1 host eq 1723 (84 matches)

12 permit ip host R1 host (1034 matches)

20 permit gre host R2 host (10245 matches)

21 permit tcp host R2 host eq 1723

22 permit ip host R2 host (1156 matches)

30 permit gre host R3 host (17865 matches)

31 permit tcp host R3 host eq 1723 (1152 matches)

32 permit ip host R3 host

Each peer seems to have its own requirements. What do you think?
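One way to read the counters posted above, as an added example that is not part of the original thread: ACL entries are evaluated top down and the first match wins, so every hit on a `permit ip` entry is a packet that matched neither the GRE entry nor the TCP/1723 entry above it. The function names are hypothetical, and an entry shown without a counter is assumed to have zero hits.

```python
import re
from collections import defaultdict

# Counters copied from the post above; the destination after the second
# "host" is missing on the page and is left out here as well.
ACL_TEXT = """\
10 permit gre host R1 host (115593 matches)
11 permit tcp host R1 host eq 1723 (84 matches)
12 permit ip host R1 host (1034 matches)
20 permit gre host R2 host (10245 matches)
21 permit tcp host R2 host eq 1723
22 permit ip host R2 host (1156 matches)
30 permit gre host R3 host (17865 matches)
31 permit tcp host R3 host eq 1723 (1152 matches)
32 permit ip host R3 host
"""

ENTRY = re.compile(
    r"^\s*(?P<seq>\d+)\s+permit\s+(?P<proto>\S+)\s+host\s+(?P<src>\S+)\s+host\b"
    r"(?:\s+(?!eq\b)[^\s(]\S*)?"            # destination address, when present
    r"(?:\s+eq\s+(?P<port>\d+))?"           # optional destination port
    r"(?:\s+\((?P<hits>\d+) matches\))?\s*$"  # optional hit counter
)

def parse_acl(text):
    """Return {peer: {protocol: hits}}; a missing counter is assumed to mean 0."""
    peers = defaultdict(dict)
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            peers[m["src"]][m["proto"]] = int(m["hits"] or 0)
    return dict(peers)

def fallback_report(peers):
    """List peers whose catch-all 'permit ip' entry is carrying traffic."""
    # Hits on 'permit ip' are packets that were neither GRE (IP protocol 47)
    # nor TCP to port 1723, because those entries sit above it in the list.
    report = {}
    for peer, hits in peers.items():
        ip_hits = hits.get("ip", 0)
        if ip_hits:
            share = round(ip_hits / sum(hits.values()), 4)
            report[peer] = {"ip_hits": ip_hits, "share": share,
                            "pptp_control_hits": hits.get("tcp", 0)}
    return report

if __name__ == "__main__":
    for peer, info in fallback_report(parse_acl(ACL_TEXT)).items():
        print(peer, info)
```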

