Ok, I've even tried this in my pf.conf file,

pass in all
pass out all

and *still* can't pptp through my 3.0 firewall to my corporate pptp server,
from tcpdump it would appear there is still a problem passing gre, is there
something im blatantly missing here? is there a problem with the version of
pf included in 3.0?? thanks...

----- Original Message -----
From: "Marco Peereboom" <slashpeereboom.us>
To: "meeps" <meepscharter.net>; <miscopenbsd.org>
Sent: Monday, July 01, 2002 5:10 PM
Subject: Re: allowing gre through 3.0 firewall

> Upgrading to 3.1 was well worth the time to get this to work.
>
> I save all my config and other important files and reinstalled the system.
> Coppied back all the important stuff and my box was up and running in
> minutes with exactly the same config.
>
> Added the following line to pf.conf
> pass out on $ExtIF inet proto gre all keep state
> And life was good again!
>
> /marco
>
> ----- Original Message -----
> From: "meeps" <meepscharter.net>
> To: <miscopenbsd.org>
> Sent: Sunday, June 30, 2002 17:03
> Subject: allowing gre through 3.0 firewall
>
>
> > hello, have seen this issue touched on elsewhere but never resolved. am
> > trying to connecto to our corporate pptp server on the internet using my
> xp
> > client behind my 3.0 firewall.
> >
> > 192.168.168.2 --> openBSD firewall (pf and nat running) --> corporate
pptp
> > server
> >
> > would appear that i need to pass gre packets into the 192 client, is
this
> > correct? if so, can someone tell me how to set this up in pf.conf and
or
> > nat.conf? thanks...

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]