Well, I fixed a problem in one of my filters, and now I can establish the
connection from either side of the firewall. According to the Gnatbox's
logs, GRE protocol packets are being blocked. Any way I can set a filter
based on the GRE protocol? I know Gnatbox should be handling this
transparently, but evidently it's tied to PPTP (and maybe others).

First e-mail:

I have version 2.2.0 of Gnatbox. I am trying to get two Netopia routers to
tunnel through Gnatbox. They support PPTP and ATMP (Ascend tunneling
protocol). The PPTP works fine, but the ATMP doesn't seem to. ATMP needs
UDP port 5150 open and uses the GRE protocol for the tunnel payload, just
like PPTP. With the appropriate filters in place, I can establish a VPN
connection from the protected interface, but not from outside the firewall.
However, even though it establishes a connection, nothing gets transported
through the tunnel.
Is there a way to get the ATMP protocol working through Gnatbox? I suspect
I would have to create a filter to allow the GRE packets inbound, but since
I can't create a tunnel specifically for GRE, would I have to use ALL
protocols? That leaves a big hole in the firewall. Do newer versions
accommodate the ATMP protocol? Has anyone worked with ATMP and got it
working?
ATMP, BTW, is a faster, more efficient tunneling protocol than PPTP, so I
would like to use it if I could.
Jim Ellison
Systems Engineer
MicroVoice Applications
612-373-9342
jellison_at_mva_dot_com