Pptp example – Netopia 4553 User Manual

Page 144

background image

10-144 User’s Reference Guide

PPTP example

To enable a firewall to allow PPTP traffic, you must provision the firewall to allow inbound and outbound TCP
packets specifically destined for por t 1723. The source por t may be dynamic, so often it is not useful to apply
a compare function upon this por tion of the control/negotiation packets. You must also set the firewall to allow
inbound and outbound GRE packets, enabling transpor t of the tunnel payload.

From the Main Menu navigate to Display/Change IP Filter Set, and from the pop-up menu select Basic Firewall.

Select Display/Change Input Filter.

Display/Change Input Filter screen

Select Input Filter 1 and press Return. In the Change Input Filter 1 screen, set the Destination Por t information
as shown below.

Select Input Filter 2 and press Return. In the Change Input Filter 2 screen, set the Protocol Type to allow GRE
as shown below.

Main

Menu

System

Filter

Sets

Display/Change

Filter Set

Configuration

Basic

Firewall

+--#----Source IP Addr----Dest IP Addr------Proto-Src.Port-D.Port--On?-Fwd--+
+---------------------------------------------------------------------------+
| 1 0.0.0.0 0.0.0.0 TCP NC =2000 Yes No |
| 2 0.0.0.0 0.0.0.0 TCP NC =6000 Yes No |
| |
+---------------------------------------------------------------------------+

Change Input Filter 1

Enabled: Yes
Forward: Yes

Source IP Address: 0.0.0.0
Source IP Address Mask: 0.0.0.0

Dest. IP Address: 0.0.0.0
Dest. IP Address Mask: 0.0.0.0

Protocol Type: TCP
Source Port Compare... No Compare
Source Port ID: 0
Dest. Port Compare... Equal
Dest. Port ID: 1723
Established TCP Conns. Only: No

See also other documents in the category Netopia Hardware: