----- Original Message -----
Sent: Monday, March 05, 2001 3:24
PM
Subject: [FW1] FW-1 and Microsoft
VPN
Hopefully someone out there can give me some
ideas.
We have a Microsoft VPN server setup in our DMZ
off a Checkpoint FW-1 Solaris box.
I'm sorry for that! Hopefuly, you might be healthy...
:)
Access to the VPN has been allowed for clients
to access the VPN using PPTP services.
When
this is tested we can watch the log viewer and see the client getting through
the
firewall using PPTP and a service
labeled 34827. Then when the VPN server attempts to
send packets back to the client it uses the service labeled
34827 but the firewall is dropping
these
packets. When testing it we opened up the rule for any service to be
accepted but
they are still being
dropped. The service 34827 uses a protocol simply labeled as 47.
Is there anyone out there who may have a
similar setup and experienced similar problems
that might be able to help shed some light on this?
Thankx,
Kurt
Shaffer
Try http://www.phoneboy.com/fw1/faq/0321.html
Best wishes
ayltonsz