How to configure the firewall for VPN PPP connections?

Gordon Messmer gordon.messmer at gmail.com
Fri Feb 20 19:27:03 UTC 2015


On 02/20/2015 10:00 AM, Paul Smith wrote:
> The truth, Gordon, is that after changing the firewall configuration
> as described in the referred site, the issue was fixed.

Yes, I understand that.  But it sounds like GRE was allowed previously 
because it was "RELATED" to the pptp TCP connection before a kernel 
upgrade, but afterward it required a rule to allow it unconditionally 
(which is bad).

I can't test that because I don't have any PPTP servers available, 
because PPTP is very bad security-wise.

It would be useful to remove the rules that you added and verify that 
the PPTP connection fails.  Then, boot an older kernel which was known 
to previously work and test the connection.  If it works, then there's a 
kernel bug that should be reported.
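
A rule that accepts GRE without any connection-state match, as discussed in the message above, can be found mechanically. The following script is an added example, not part of the original message: it scans iptables-save-style text for such rules, assuming the firewall is expressed as iptables rules; the function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag GRE ACCEPT rules that are not gated by conntrack state.

# Reads iptables-save text on stdin and prints every rule that accepts
# protocol GRE (name "gre" or number 47) with no state/ctstate match.
find_unconditional_gre() {
    while IFS= read -r line; do
        # Only rule lines ("-A CHAIN ...") are of interest.
        case "$line" in
            -A\ *) ;;
            *) continue ;;
        esac
        # Must match protocol GRE.
        case " $line " in
            *" -p gre "*|*" -p 47 "*) ;;
            *) continue ;;
        esac
        # Must be an ACCEPT rule.
        case " $line " in
            *" -j ACCEPT "*) ;;
            *) continue ;;
        esac
        # Rules limited by connection state (e.g. RELATED) are not flagged.
        case " $line " in
            *" --ctstate "*|*" --state "*) continue ;;
        esac
        printf '%s\n' "$line"
    done
}

# Constructed sample ruleset (not taken from the thread).
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p gre -j ACCEPT
-A INPUT -p 47 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Prints the single unconditional rule from the sample.
sample_ruleset | find_unconditional_gre
```

On a live system the same function can read the active ruleset with `iptables-save | find_unconditional_gre` (run as root).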

