<div>
A &quot;port&quot; does not exist for GRE (protocol 47) - that protocol does not know of the concept of ports. A port restriction is useless, and maybe even leads to failure. I can see Juniper recommends that, but I cannot tell why that port restriction should apply at all.<br />
<br />
I would not set up MIP for this, as this reserves a IP address completely and solely to get redirected to a single machine. VIP is much more useful, as it allows a per-port definition of (internal) target IPs.
</div>


A "port" does not exist for GRE (protocol 47) - that protocol does not know of the concept of ports. A port restriction is useless, and maybe even leads to failure. I can see Juniper recommends that, but I cannot tell why that port restriction should apply at all.

I would not set up MIP for this, as this reserves a IP address completely and solely to get redirected to a single machine. VIP is much more useful, as it allows a per-port definition of (internal) target IPs.

<div>
BTW GRE is a pre defined service in screenOS 6 and greater<br />
<br />
&quot;GRE &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;IP (47) any &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Generic Routing Encapsulation &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;60&quot;<br />
<br />
I can not speak on how or why it works, all i know is without it I was not able to setup the VPN server successfully.
</div>


BTW GRE is a pre defined service in screenOS 6 and greater

"GRE       IP (47) any       Generic Routing Encapsulation       60"

I can not speak on how or why it works, all i know is without it I was not able to setup the VPN server successfully.

<div>
Yes, one should forward GRE traffic the same as PPTP. It can work without, but will not most of the time.
</div>


Yes, one should forward GRE traffic the same as PPTP. It can work without, but will not most of the time.

<div>
<div class="content wysiwyg-content">
I need to allow PPTP traffic through the Juniper firewall to a Microsoft RRAS server.<br />
<br />
Public VPN IP is 1.1.1.1<br />
private IP is 10.1.1.10<br />
<br />
Can someone help configure teh firewall to pass teh PPTP traffic?<br />
<br />
I tried to open port 1723 and create a MIP to the private IP but this is not working.
</div>
</div>


I need to allow PPTP traffic through the Juniper firewall to a Microsoft RRAS server.

Public VPN IP is 1.1.1.1
private IP is 10.1.1.10

Can someone help configure teh firewall to pass teh PPTP traffic?

I tried to open port 1723 and create a MIP to the private IP but this is not working.

Allow incoming PPTP to Juniper NS5GT

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Networking hardware includes the physical devices facilitating the use of a computer network. Typically, networking hardware includes gateways, routers, network bridges, modems, wireless access points, networking cables, line drivers, switches, hubs, and repeaters. But it also includes hybrid network devices such as multilayer switches, protocol converters, bridge routers, proxy servers, firewalls, network address translators, multiplexers, network interface controllers, wireless network interface controllers, ISDN terminal adapters and other related hardware.

Networking Hardware-Other

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.