[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Nokia IP650 and GRE tunnelling
Hi, You need to create a service to allow the GRE protocol, as follows (cut from a previous mail in this list ....) http://www.phoneboy.com/fw1/faq/0321.html PPTP Q: How can I make FireWall-1 work with PPTP? A: You must add a rule permitting access between your PPTP clients and server. PPTP uses two services: TCP port 1723 for a control session A variation of the GRE protocol (IP Protocol 47) for data. To create this last service, create the service as a service of type Other. For the name, use PPTP-Data. In the match field, put: ip_p = 47, [22:2,b] = 0x880B (Note: ip_p = 47 identifies the IP protocol type as GRE. [22:2,b] = 0x880B identifies the payload protocol as GRE.) The rules look like this: Source Destination Service Action PPTP-Clients PPTP-Server PPTP-Control PPTP-Data Accept PPTP-Server PPTP-Clients PPTP-Control PPTP-Data Accept PPTP will work with Static NAT, but not HIDE NAT. Met vriendelijke groeten - Bien à vous - Kind regards Guy ROELANDTS Compaq Software Engineer - Belgium E-mail : [email protected] Tel: +32(02)729.77.44 (options 3 - 3 - 1) Fax: +32(02)729.77.65 -----Original Message----- From: Martin WF Hui [mailto:[email protected]] Sent: Tuesday, February 13, 2001 6:06 PM To: [email protected] Subject: [FW1] Nokia IP650 and GRE tunneling Importance: High Hi, Does anyone in here know that whether IP650 can run GRE tunneling or not ? If yes, how can i configure this GRE together with the use of Checkpoint Point to Point Encrypted VPN ? Thanks Best regards, martin ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|