Firewalls: Re: PPTP & FW-1

Firewalls
(August 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: PPTP & FW-1
From:	Eric Vyncke <evyncke @ cisco . com>
Date:	Mon, 04 Aug 1997 14:50:33 +0000
To:	Bertrum Carroll <bc17684 @ 90 . deere . com>, "Firewalls @ GreatCircle . COM" <Firewalls @ GreatCircle . COM>, "fw-1-mailinglist @ us . checkpoint . com" <fw-1-mailinglist @ us . checkpoint . com>

PPTP is using:
- a modified GRE tunnel which lays directly on the top
of IP with protocol (I do not have right now the number of the
protocol but check in /etc/protocols for the right number)
- a TCP control session to port 5678 (on the PPTP 'server') which
is by the way a funny number ;-)

Also beware that PPTP is probably useful for you but do not
trust too much its security... 

-eric

At 11:45 1/08/97 -0500, Bertrum Carroll wrote:
>I'm attempting to setup a FW-1 filter to support PPTP.
>I'm using FW-1 3.0a on Solaris.
>
>PPTP is not defined, how do I seutp a fitler just for PPTP not all IP?
>
>Thanks In Advance
>Bert Carroll
>
Eric Vyncke      
Technical Consultant               Cisco Systems Belgium SA/NV
Phone:  +32-2-778.4677             Fax:    +32-2-778.4300
E-mail: evyncke @
 cisco .
 com          Mobile: +32-75-312.458

Follow-Ups:

Re: PPTP & FW-1
From: Dick_Wall @ stratus . com

Indexed By Date	Previous:	RE: Java Applet Scanner From: Jerry Huyghe <jerry @ eliashim . com>
Indexed By Date	Next:	Re: Access-lists and routing performance From: Eric Vyncke <evyncke @ cisco . com>
Indexed By Thread	Previous:	Re: [FW1] PPTP & FW-1 From: x <markj @ iclnet . co . uk>
Indexed By Thread	Next:	Re: PPTP & FW-1 From: Dick_Wall @ stratus . com