Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Nokia IP650 and GRE tunnelling

To: "'[email protected]'" <[email protected]>, [email protected]
Subject: RE: [FW1] Nokia IP650 and GRE tunnelling
From: "Roelandts, Guy" <[email protected]>
Date: Wed, 14 Feb 2001 08:02:15 -0000
Sender: [email protected]

Hi,

   You need to create a service to allow the GRE protocol, as follows
  (cut from a previous mail in this list ....)


http://www.phoneboy.com/fw1/faq/0321.html


PPTP
Q:
How can I make FireWall-1 work with PPTP? 
A:
You must add a rule permitting access between your PPTP clients and server.
PPTP uses two services: 
TCP port 1723 for a control session 
A variation of the GRE protocol (IP Protocol 47) for data. 
To create this last service, create the service as a service of type Other.
For the name, use PPTP-Data. In the match field, put: ip_p = 47, [22:2,b] =
0x880B 
(Note: ip_p = 47 identifies the IP protocol type as GRE. [22:2,b] = 0x880B
identifies the payload protocol as GRE.) 

The rules look like this: 
  Source Destination Service Action 
PPTP-Clients   PPTP-Server   PPTP-Control PPTP-Data   Accept 
PPTP-Server    PPTP-Clients   PPTP-Control PPTP-Data   Accept 


PPTP will work with Static NAT, but not HIDE NAT. 

Met vriendelijke groeten - Bien à vous - Kind regards

Guy ROELANDTS
Compaq Software Engineer - Belgium
E-mail : [email protected]
Tel: +32(02)729.77.44 (options  3 - 3 - 1)
Fax: +32(02)729.77.65


-----Original Message-----
From: Martin WF Hui [mailto:[email protected]]
Sent: Tuesday, February 13, 2001 6:06 PM
To: [email protected]
Subject: [FW1] Nokia IP650 and GRE tunneling
Importance: High



Hi,

Does anyone in here know that whether IP650 can run GRE tunneling or not ? 

If yes, how can i configure this GRE together with the use of  Checkpoint
Point to Point  Encrypted VPN ?

Thanks

Best regards,

martin


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] browsing too slow
Next by Date: [FW1] CCSA CCSE
Previous by thread: Re: [FW1] browsing too slow
Next by thread: [FW1] CCSA CCSE
Index(es):
- Date
- Thread