extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-02 19:49:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add /etc/shorewall/masq entry to PPTP server behind firewall with special external address

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4587 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-09-26 21:16:20 +00:00
parent 1dd638513a
commit fb33fd9aa1
1 changed files with 19 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
docs/PPTP.xml
View File

@ -561,6 +561,18 @@ DNAT net loc:<emphasis>&lt;server address&gt;</emphasis> 47<
# PORT(S) DEST # PORT(S) DEST
DNAT net loc:<emphasis>&lt;server address&gt;</emphasis> tcp 1723 - <emphasis>&lt;external address&gt;</emphasis> DNAT net loc:<emphasis>&lt;server address&gt;</emphasis> tcp 1723 - <emphasis>&lt;external address&gt;</emphasis>
DNAT net loc:<emphasis>&lt;server address&gt;</emphasis> 47 - - <emphasis>&lt;external address&gt;</emphasis></programlisting> DNAT net loc:<emphasis>&lt;server address&gt;</emphasis> 47 - - <emphasis>&lt;external address&gt;</emphasis></programlisting>
<para>You will also want to add this entry to your
<filename>/etc/shorewall/masq</filename> file:</para>
<programlisting>#INTERFACE SUBNET ADDRESS PROTO
&lt;<emphasis>external interface</emphasis>&gt; &lt;<emphasis>server address</emphasis>&gt; &lt;<emphasis>external address</emphasis>&gt; 47</programlisting>
<important>
<para>Be sure that the above entry comes <emphasis
role="bold">before</emphasis> any other entry that might match the
server's address.</para>
</important>
</section> </section>
<section id="ClientsBehind"> <section id="ClientsBehind">
@ -802,12 +814,13 @@ restart_pptp &gt; /dev/null 2&gt;&amp;1 &amp;</programlisting>
<title>PPTP Client running on your Firewall with PPTP Server in an ADSL <title>PPTP Client running on your Firewall with PPTP Server in an ADSL
Modem</title> Modem</title>
<para>Some ADSL systems in Europe (most notably in Austria and the Netherlands) feature a PPTP <para>Some ADSL systems in Europe (most notably in Austria and the
server built into an ADSL <quote>Modem</quote>. In this setup, an ethernet Netherlands) feature a PPTP server built into an ADSL
interface is dedicated to supporting the PPTP tunnel between the firewall <quote>Modem</quote>. In this setup, an ethernet interface is dedicated to
and the <quote>Modem</quote> while the actual internet access is through supporting the PPTP tunnel between the firewall and the
PPTP (interface ppp0). If you have this type of setup, you need to modify <quote>Modem</quote> while the actual internet access is through PPTP
the sample configuration that you downloaded as described in this section. (interface ppp0). If you have this type of setup, you need to modify the
sample configuration that you downloaded as described in this section.
<emphasis role="bold">These changes are in addition to those described in <emphasis role="bold">These changes are in addition to those described in
the <ulink url="shorewall_quickstart_guide.htm">QuickStart the <ulink url="shorewall_quickstart_guide.htm">QuickStart
Guides</ulink>.</emphasis></para> Guides</ulink>.</emphasis></para>