Re: HELP!!!
- From: Ansgar -59cobalt- Wiechers <usenet-2006@xxxxxxxxxxxxxxxx>
- Date: 15 Dec 2006 14:55:39 GMT
Da Computer Guy <silicongangsta@xxxxxxxxx> wrote:
I have a WatchGuard III 700 firewall. I have a Microsoft 2003 SBS
server with RRAS configured for VPN connections. I am having
difficulties connecting a XP VPN client to the 2003 server. I can see
in the firewall log file that port 1723 is being passed through to the
2003 server but it is denying GRE (47). Below is an excerpt from the
log file:
12/14/06 15:12 firewalld[129]: deny in eth0:1 57 gre 20 115 X.X.X.X
X.X.X.X (default).
Each time i tried to establish a VPN connection i receive an error 721
connection could not be established.
I'm not quite sure where I need to allow the GRE (47) in the services
arean of the WatchGuard. Ihave port 47 allowed in the firewall rule for
VPN. I did read you need to setup port 47 an "IP" protocol but when I
do this it doesn't allow me to enter a NAT for the 2003 server.
You need to allow GRE on your firewall, which is IP *protocol* 47 (just
like TCP is IP protocol 6 and UDP is IP protocol 17, see [1] for more
information), not *port* 47. I'm not familiar with Watchguard, though,
so I can't tell you where/how exactly to do that.
[1] http://www.iana.org/assignments/protocol-numbers
cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
.
- References:
- HELP!!!
- From: Da Computer Guy
- HELP!!!
- Prev by Date: Re: Kaspersky anti-virus undermines firewall
- Next by Date: Re: Keeping same IP over VPN
- Previous by thread: HELP!!!
- Next by thread: Re: HELP!!!
- Index(es):
Relevant Pages
|
