VPN PPTP Input & Output Filters + PING ?

From

Serg Domushchey (2:464/704.77)

To

All (2:5054/37.63)

Date

2004-01-25T08:44:44Z

Area

RU.WINDOWS.NT.INTERNET

Привет All!

С обоих сторон W2K SRV SP4 ENG

_Пошаговая настройка взята с микрософт, она замечательно работает, но_
_хотелось бы добавить возможность пинговать этот хост и пинговать удаленные_
_хосты + ходить телнетом. Телнет добавляется без проблем._

#_А с PING - проблема. Какой там тип ICMP ставить?_#
#_Подскажите плс._#

To set PPTP input filters
To set PPTP input filters, you must configure up to three input filters and
select the appropriate filter action.

To add the first input filter
Open Routing and Remote Access.
In the console tree, click General.
Where?

Routing and Remote Access
server name
IP Routing
General
In the details pane, right-click the interface on which you want to add a
filter, and then click Properties.
On the General tab, click Inbound Filters.
In the Inbound Filters dialog box, click New.
In the Add IP Filter dialog box, select the Destination network check box.
In IP Address, type the IP address of the interface, and in Subnet mask, type
255.255.255.255.
In Protocol, click Other.
In Protocol number, type 47, and then click OK.
To add the second input filter
In the Inbound Filters dialog box, click New.
In the Add IP Filter dialog box, select the Destination network check box.
In IP Address, type the IP address of the interface, and in Subnet mask, type
255.255.255.255.
In Protocol, click TCP.
In Source port, type 0.
In Destination port, type 1723, and then click OK.
To add the third input filter (optional)
If the PPTP server computer is also used as a PPTP client, you need to
configure an additional filter.

In the Inbound Filters dialog box, click New.
In the Add IP Filter dialog box, select the Destination network check box.
In IP Address, type the IP address of the interface, and in Subnet mask, type
255.255.255.255.
In Protocol, click TCP [established].
In Source port, type 1723.
In Destination port, type 0, and then click OK.
To select the filter action for the input filters
In the Inbound Filters dialog box, click Drop all packets except those that
meet the criteria below, and then click OK.


To set PPTP output filters
To set PPTP output filters, you must configure up to three output filters and
select the appropriate filter action.

To add the first output filter
Open Routing and Remote Access.
In the console tree, click General.
Where?

Routing and Remote Access
server name
IP Routing
General
In the details pane, right-click the interface on which you want to add a
filter, and then click Properties.
On the General tab, click Outbound Filters.
In the Outbound Filters dialog box, click New.
In the Add IP Filter dialog box, select the Source network check box.
In IP Address, type the IP address of the interface, and in Subnet mask, type
255.255.255.255.
In Protocol, click Other.
In the Protocol box, type 47, and then click OK.
To add the second output filter
In the Outbound Filters dialog box, click New.
In the Add IP Filter dialog box, select the Source network check box.
In IP Address, type the IP address of the interface, and in Subnet mask, type
255.255.255.255.
In Protocol, click TCP.
In Source port, type 1723.
In Destination port, type 0, and then click OK.
To add the third output filter (optional)
If the PPTP server computer is also used as a PPTP client, you need to
configure an additional filter.

In the Outbound Filters dialog box, click New.
In the Add IP Filter dialog box, select the Source network check box.
In IP Address, type the IP address of the interface, and in Subnet mask, type
255.255.255.255.
In Protocol, click TCP.
In Source port, type 0.
In Destination port, type 1723, and then click OK.
To select the filter action for the output filters
In the Outbound Filters dialog box, click Drop all packets except those that
meet the criteria below, and then click OK.

* Originally in RU.WINDOWS.NT.INTERNET
* Разослано также в RU.WINDOWS.2000.ADMIN

С уважением, Serg                     25 января 2004 года
mailto: dombay@ukrsib.dp.ua       work phone 8-056-7707455 ОИТО
ICQ# 118198094   Odigo# 4744291

... "Раз за это платят деньги, значит, это работа..."
--- GoldED+/W32 1.1.5-031023
 * Origin: ---=== GCT_Dombay Station ===--- (2:464/704.77)
SEEN-BY: 46/128 999 292/100 400/333 450/102 166 187 208 452/160 461/33 74 106
SEEN-BY: 461/220 640 463/68 220 464/0 28 34 36 66 100 122 128 704 910 991 999
SEEN-BY: 464/5000 5555 465/92 204 262 466/20 467/70 469/125 418 478/40 44 65
SEEN-BY: 550/150 5068 4600/126 4614/9 4615/21 4623/56 4625/9 4626/6 4632/10
SEEN-BY: 4635/99 1024 4641/444 4642/17 4643/10 4651/25 4657/9 5001/27 77
SEEN-BY: 5002/5002 5003/34 5004/16 5005/14 5006/1 5009/14 5010/77 146 5011/13
SEEN-BY: 5012/30 5014/5014 5015/4 28 5019/31 5020/37 52 69 115 128 139 175 321
SEEN-BY: 5020/362 392 496 600 639 794 817 902 921 937 968 1100 1169 1212 1234
SEEN-BY: 5020/1301 1443 1626 1642 1822 1930 2200 2208 2871 4001 4400 4441
SEEN-BY: 5021/3 11 5022/5 5023/11 46 5025/3 39 151 5026/49 5027/31 5028/63
SEEN-BY: 5029/34 50 5030/69 175 382 562 573 920 953 966 1016 1023 1900 5031/26
SEEN-BY: 5031/50 5036/1 13 5037/21 5040/33 47 59 5041/4 5042/8 5045/47 5047/23
SEEN-BY: 5049/125 5050/9 41 5051/35 5052/4 5053/16 18 5054/1 8 9 10 29 30 37
SEEN-BY: 5054/45 50 67 79 81 5055/17 177 181 5056/16 5058/24 77 5059/10 20
SEEN-BY: 5060/9 5061/15 5062/10 5063/23 41 5064/35 36 5066/196 5068/1 5069/7
SEEN-BY: 5070/26 66 5071/1 5075/10 5077/70 5078/20 5079/49 5080/111 301
SEEN-BY: 5083/13 5085/13 5090/3 1029 5093/20 23 27 5095/1 5096/9 18 5097/10
SEEN-BY: 5100/113 6009/11 6033/2727 6053/1 6055/2 86 6070/5 228 6083/1 11 12

PATH: 464/704 5555 36 5020/52 5054/1 79 37