Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 569 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Feature Request

Jake S
How about the ability to lock down, either by IP address or subnet, access to PPTP?  That’s probably the biggest thing that my company is holding out for.

Thank you for your time,
Jake S.
Firstam.com


This thread was automatically locked due to age.
Parents
  • 0
    You could probably accomplish the same thing by seting up filters for port 1723.  I havent tried this, but it should work.  Ad a rule to only accept packets on 1723 from the desired networks and deny all others.
Reply
  • 0
    You could probably accomplish the same thing by seting up filters for port 1723.  I havent tried this, but it should work.  Ad a rule to only accept packets on 1723 from the desired networks and deny all others.
Children
  • 0 in reply to tccoggs
    I tried that, no luck.  It looks like when you enable PPTP ASL puts that rule above all everything else.  And because iptables reads from the top down, it will always allow access to 1723.
    Also it appears this is the case with ASL ver 2.2, 3.041 and 3.05

    [ 23 April 2002: Message edited by: Jake S ]

Unfiltered HTML