Astaro User Bulletin Board
#1
07-11-2009, 02:44 AM
Member
Join Date: Jun 2009
Posts: 69
pptp vpn

Hi Everyone,

I configured my Astaro for PPTP VPN so that every time I'm away from our office I can get into my real internal network. We have a DHCP server inside our network, and I configured Astaro so that every time I connect over PPTP I get an IP address from the DHCP server, not an IP address from the PPTP default IP pool.

My question is how to create a policy so that when I'm connected to my PPTP VPN from outside to internal, I can ping or browse only 1 IP address.

Thanks
#2
07-11-2009, 06:50 PM
BAlfson
Moderator
Join Date: Mar 2007
Location: Oklahoma City
Posts: 5,390

"My question is how to create a policy that when I connected to my pptp vpn from outside to internal only 1 ip address I could ping or browse."

Do you want to restrict your remote access to a single, internal IP?

Cheers - Bob
__________________
ACE V7 - Astaro Preferred Partner since V3
Addicted to my iPhone!
#3
07-12-2009, 12:55 AM
AngeloC
Ninja
Join Date: May 2003
Posts: 319

I think you are looking for access help. In this case, you make a rule either from your PPTP pool (for any PPTP user) or from the PPTP user himself (i.e. JDOE), who can go to the INTERNAL IP in question (say 192.168.1.5) on a certain service, or all services.

This is common so that someone dialing in doesn't have the full rights to view everything on the LAN, but can actually only see a single machine for what they need.

Also ensure that if the users dialing in are tech savvy that they simply cannot remote desktop to the one machine they are allowed to view, and then get full LAN access from there. If this is a concern to you, you can adjust the permissions of the packet filter to only allow access to the specific ports you need the user to visit on the target machine (such as port 80 etc.).

Hope this is of help to you.
__________________
Angelo Comazzetto
Astaro AG
--------------------------------------------------------
Visit the KB for documentation and help (www.astaro.com/kb)
Astaro is FULLY free for home use, including all subscriptions. Download it from http://my.astaro.com
#4
07-12-2009, 01:57 PM
Member
Join Date: Jun 2009
Posts: 69
pptp connection

To BAlfson,
Yes, you're right! I want to limit my remote users' access into our internal network to either 1 or 2 IP addresses only.
#5
07-20-2009, 09:39 AM
Member
Join Date: Jun 2009
Posts: 69
pptp connection

Hi.
This is what I've done: from Remote Access PPTP I added users, and I set my internal DHCP server to assign IP addresses for PPTP connections. I did not create a NAT rule since the same network will be provided to the PPTP users. Then, from Network Security ==> Packet Filter, I created a policy which goes like this: Source (PPTP users (ex: test)) ==> Service (HTTP) ==> Destination (IP address of my web server).
Is this the correct setting? I want to limit test from accessing servers except the web server.
Any inputs are welcome.

Thanks
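Added example, not part of any post in this thread and not Astaro code: a small Python model of the packet filter policy discussed above, used to check what the PPTP user "test" can actually reach and whether any rule exposes a remote-administration port of the kind post #3 warns about. It assumes first-match rule order with an implicit drop, a 192.168.1.0/24 LAN and a web server at 192.168.1.5 (the sample address from post #3); all rule data is constructed.

```python
from ipaddress import ip_address, ip_network

# Constructed sample values (assumptions): LAN range and web server address.
LAN = ip_network("192.168.1.0/24")
WEB = ip_network("192.168.1.5/32")
# Services that would let a VPN user hop from the one allowed host to the LAN.
PIVOT_PORTS = {22: "SSH", 3389: "RDP"}

# Ordered rules: (source user, TCP port or None for "Any", destination, action).
RULES_NARROW = [("test", 80, WEB, "allow")]    # the policy from post #5
RULES_BROAD = [("test", None, WEB, "allow")]   # same host, but all services

def decide(rules, user, dst, port):
    """First matching rule wins; traffic matching no rule is dropped."""
    for src, svc, net, action in rules:
        if src == user and svc in (None, port) and ip_address(dst) in net:
            return action
    return "drop"

def audit(rules, user, ports=(22, 80, 443, 3389)):
    """Return (reachable host/port pairs, pivot findings) for one VPN user."""
    reachable, findings = set(), []
    for host in LAN.hosts():
        for port in ports:
            if decide(rules, user, str(host), port) == "allow":
                reachable.add((str(host), port))
                if port in PIVOT_PORTS:
                    findings.append(f"{user} -> {host}:{port} ({PIVOT_PORTS[port]})")
    return reachable, findings

if __name__ == "__main__":
    for name, rules in (("narrow", RULES_NARROW), ("broad", RULES_BROAD)):
        reachable, findings = audit(rules, "test")
        print(name, sorted(reachable), findings or "no pivot ports exposed")
```

The narrow rule leaves only HTTP on the web server reachable; the broad rule keeps the user on one host but also opens SSH and RDP on it, which is the pivot path described in post #3.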
These pages are specifically maintained for the discussion of firewall issues within the Open Source community, and might already reflect new alpha/beta releases under development. Please refer to our product specifications for the functionality of the actual release. Discussions of new/enhanced functionality does not constitute a commitment of Astaro, to integrate this functionality into future releases.