• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2915
  • Last Modified:

using Monowall Smoothwall ipcop etc as pptp hardware endpoint

I support a site that has five xp machines that all start up a client pptp session to the server at the base office over dsl.

I want to use monowall or an equiv to set up the tunnel and let all the xp machines use it.

This will then allow me to put a laser printer there, on a jet direct, and have an ip so my printing can be ip based rather than workstation-shared based.

Any recommendations?

I am trying MonoWall... I am not even sure it will do this...

Thanks,
Greg
0
gsgi
Asked:
gsgi
  • 5
  • 4
1 Solution
 
Gabriel OrozcoSolution ArchitectCommented:
I think smoothwall cd has not only pptp but ipsec also included.
http://www.smoothwall.org/
0
 
gsgiAuthor Commented:
MonoWall won't do it.  Ipcop and Smoothwall seem to only act as ipsec endpoints, from the documentation I read.  Can you double check the smoothwall site and see if I am wrong?  A second pair of eyes is always good.

thanks,

-gsgi
0
 
Gabriel OrozcoSolution ArchitectCommented:
found it. I'm sorry but I was on the understanding they supported it from their cd.

these firewalls support pptp thru their ability to open the port and the protocol needed (tcp/1723 and protocol gre)

so basically you need to enable pptp server yourself, and then open access from the firewall.

I found suse has pptp server installable and the kernel patch already added.
recent versions of the kernel has the patch included by default.

so depending on your linux distribution, you need to download and follow instructions for project PoPToP:
www.poptop.org
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
gsgiAuthor Commented:
>so basically you need to enable pptp server yourself, and then open access from the firewall.

isn't this for allowing pptp clients to connect to the firewall?

I need a linux pptp client embedded in a linux firewall machine that connects to a Nokia pptp server.
Once the linux pptp client gets the pptp assigned ip address from the Nokia pptp server, I then need to
route to that ip...

   192.168.1.100_LAN - LINUX_FIREWALL - 192.168.2.1_WAN ---- 192.168.2.2 LINKSYS ROUTER ---  INTERNET ---  NOKIA_ROUTER
                                                    PPTP   192.168.100.37 (assigned from NOKIA)

Route 192.168.1.0 through pptp 192.168.100.37 to far side...

The poptop is the pptp client, right?
What is this kernel patch I read about all about?

Thanks,
gsgi
0
 
Gabriel OrozcoSolution ArchitectCommented:
poptop is pptp server.

for pptp client you need this project:
http://pptpclient.sourceforge.net/

it's more or less the same. once you have pptp client working, is pretty easy to setup a pptp server on the same computer.

but download it and follow steps. if your distro is red-hat like, then it will be easier to setup since they have rpm's already =)
0
 
gsgiAuthor Commented:
I don't think I need the pptp server on the LINUX_FIREWALL side, I think I need the client.  Right?  Or do I need the server in order to have the gre protocol or something.

I am surprised nobody has put this pptp endpoint feature in a firewall distro yet.  What does that kernel patch do?

Thanks for your help.

-gsgi
0
 
Gabriel OrozcoSolution ArchitectCommented:
you do not need the server part. just pptp client.

pptp client is includede in SuSE 10.x
0
 
gsgiAuthor Commented:
ok, thanks.

Since I am now installing SUSE 10.x, once I connect it to the pptp server, what do I run to "share" the pptp connection with the other computers on the lan?  You are being very helpful, sorry I need so much handholding.  Not a unix guy.

-gsgi
0
 
Gabriel OrozcoSolution ArchitectCommented:
you need
a) this linux computer to be the gateway to the other net. maybe the default gateway
b) activate forwarding:
    echo "1" > /proc/sys/net/ipv4/ip_forward

0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now