Hello,

BM3.8.5 running on nw6.5.6 (nwlib6j, libcsp5a, wsock6L)

Are there a general constraints making it impossible to allow outbound PPTP
connections through a bordermanager?


We are trying to arrange the required filter exceptions[1] for this BM
to allow LAN clients to do PPTP connects to devices out in the internet.

To one site this already worked few weeks ago.

Well, now we tried to do the same to a different location, and we failed.

Now also the first one, which *DID* already work fail in the same way: "Verifying username and password"
is sitting there until some timeout occures.



After disableing filtering at all finally I just setup a
- dummy NW656 Server in it's separate tree,
- "dynamic NAT only" on the public interface
- no IP filtering turned on at all

When I put this "dummy" Router into the IP config of the workstation,
I still fail.

When using several aDSL routers (they also do NAT) it's going fine.


What do I miss, or is it simply impossible?
If it's not possible with BM3.8: Any change with BM3.9 so far?



Regards, Rudi.



[1] The two filter exceptions I expected to need are these:
IP Prot. 47 (GRE), PrivIF->PubIF, stateful, Src=<LAN-Workstation-IP>, Dst=<PPTP-Server-Internet>
TCP:1723 (PPTP), PrivIF->PubIF, stateful, Src=<LAN-Workstation-IP>, Dst=<PPTP-Server-Internet>

Also tried with Src=any, Dst=any and disableing IP filterin in INETCFG plus
unloading IPFLT.NLM, no change.


--
IT-Beratung Rudolf Thilo
Schweinfurter Str. 131
97464 Niederwerrn
t: +49 (0)9721/6464840
f: +49 (0)9721/6464841
m: +49(0)171/685 9 685