[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: VPN PPTP and Firewall settings

Subject: Re: VPN PPTP and Firewall settings
From: "Heath Henderson" <email@hidden>
Date: Wed, 30 Nov 2005 07:28:52 -0600
Delivered-to: email@hidden
Delivered-to: email@hidden

Port 47 is your GRE port.  You have to have this open for PPTP VPN connections to work correctly (at least with Windows).



Heath Henderson
Technology Administrator
McLean County Unit 5 Schools
Normal, IL 61761   

"Computers, sometimes they work, sometimes they don't!"

>>> David Thompson <email@hidden> 11/30/05 6:31 AM >>>
Some things I have found with VPN services is you have to have some  
other ports opened up on your firewall as well:

I have the following opened or checked off:

ESP - Encapsulating Security Payload protocol
500 -   VPN ISAKMP/IKE -- UDP
1723 - PPTP --  TCP
4500 - IKE NAT Transversal -- UDP


David



On Nov 30, 2005, at 1:57 AM, Paul van Gestel wrote:

> Hi,
>
> Search the list but did not find a solution.
> I setup my Xserve OS X Server 10.4.3 with two enthernet interfaces  
> to service VPN PPTP and enabled port 1723 in any in my firewall (on  
> the same xserve).
> When I try to connect with a Win XP Pro SP2 laptop from the  
> internet the firewall log shows:
>
>
> Nov 29 09:28:30 xserve ipfw:  65534 Deny P:47 10.0.0.150 x.x. 
> 132.164 out via en1
> Nov 29 09:28:33 xserve ipfw:  65534 Deny P:47 10.0.0.150 x.x. 
> 132.164 out via en1
> Nov 29 09:28:36 xserve ipfw:  65534 Deny P:47 10.0.0.150 x.x. 
> 132.164 out via en1
> Nov 29 09:28:39 xserve ipfw:  65534 Deny P:47 10.0.0.150 x.x. 
> 132.164 out via en1
>
> What does that P:47 mean (port 47) and what can I do to allow PPTP  
> traffic.
>
> To be complete, my vpnd.log contains:
>
> 2005-11-29 09:52:14 CET	Incoming call... Address given to client =  
> 192.168.2.153
> Tue Nov 29 09:52:14 2005 : Directory Services Authentication plugin  
> initialized
> Tue Nov 29 09:52:14 2005 : Directory Services Authorization plugin  
> initialized
> Tue Nov 29 09:52:14 2005 : PPTP incoming call in progress from 'x.x. 
> 132.164'...
> Tue Nov 29 09:52:14 2005 : PPTP connection established.
> Tue Nov 29 09:52:14 2005 : using link 0
> Tue Nov 29 09:52:14 2005 : Using interface ppp0
> Tue Nov 29 09:52:14 2005 : Connect: ppp0 <--> socket[34:17]
> Tue Nov 29 09:52:14 2005 : sent [LCP ConfReq id=0x1 <asyncmap 0x0>  
> <auth chap MS-v2> <magic 0x2638cae9> <pcomp> <accomp>]
> Tue Nov 29 09:52:17 2005 : sent [LCP ConfReq id=0x1 <asyncmap 0x0>  
> <auth chap MS-v2> <magic 0x2638cae9> <pcomp> <accomp>]
> Tue Nov 29 09:52:20 2005 : sent [LCP ConfReq id=0x1 <asyncmap 0x0>  
> <auth chap MS-v2> <magic 0x2638cae9> <pcomp> <accomp>]
> Tue Nov 29 09:52:23 2005 : sent [LCP ConfReq id=0x1 <asyncmap 0x0>  
> <auth chap MS-v2> <magic 0x2638cae9> <pcomp> <accomp>]
> Tue Nov 29 09:52:26 2005 : sent [LCP ConfReq id=0x1 <asyncmap 0x0>  
> <auth chap MS-v2> <magic 0x2638cae9> <pcomp> <accomp>]
> Tue Nov 29 09:52:29 2005 : sent [LCP ConfReq id=0x1 <asyncmap 0x0>  
> <auth chap MS-v2> <magic 0x2638cae9> <pcomp> <accomp>]
> Tue Nov 29 09:52:32 2005 : sent [LCP ConfReq id=0x1 <asyncmap 0x0>  
> <auth chap MS-v2> <magic 0x2638cae9> <pcomp> <accomp>]
> Tue Nov 29 09:52:35 2005 : sent [LCP ConfReq id=0x1 <asyncmap 0x0>  
> <auth chap MS-v2> <magic 0x2638cae9> <pcomp> <accomp>]
> Tue Nov 29 09:52:38 2005 : sent [LCP ConfReq id=0x1 <asyncmap 0x0>  
> <auth chap MS-v2> <magic 0x2638cae9> <pcomp> <accomp>]
> Tue Nov 29 09:52:41 2005 : sent [LCP ConfReq id=0x1 <asyncmap 0x0>  
> <auth chap MS-v2> <magic 0x2638cae9> <pcomp> <accomp>]
> Tue Nov 29 09:52:44 2005 : LCP: timeout sending Config-Requests
> Tue Nov 29 09:52:44 2005 : Connection terminated.
> Tue Nov 29 09:52:44 2005 : PPTP disconnecting...
> Tue Nov 29 09:52:44 2005 : PPTP disconnected
> 2005-11-29 09:52:44 CET	   --> Client with address = 192.168.2.153  
> has hungup
>
> Any suggestions? Thnx, Paul.
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Macos-x-server mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
> http://lists.apple.com/mailman/options/macos-x-server/david% 
> 40digitaltransitions.ca
>
> This email sent to email@hidden 
>

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden 

This email sent to email@hidden
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden

Follow-Ups:
- Re: VPN PPTP and Firewall settings
  - From: Jordan Krushen <email@hidden>

Prev by Date: Best solution for shopping cart/credit card ability
Next by Date: Re: Best solution for shopping cart/credit card ability
Previous by thread: Re: VPN PPTP and Firewall settings
Next by thread: Re: VPN PPTP and Firewall settings
Index(es):
- Date
- Thread

Home