This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

2 PPTP pools?

Hi all.

I would like to emulate two firewalls within ASL 5.0 but PPTP is causing me problems.

The current model is

o Two external IP addresses on one external ethernet card
o Two internal ethernet cards with thier own subnet.
o One PPTP pool as I can not create and use a second.

This model works but it has problems as PPTP users can dial-in through either external IP address and gain access to both subnets.

I would like to assign seperate pptp pools to each external IP address and then NAT them into the appropriate subnet.

There is one foot note.

I can assign a specific IP address to the user but that then means they need different user accounts for each subnet which is a bit ugly.

Thanxs for any gems you may be able to offer.

This thread was automatically locked due to age.

0 VelvetFog over 21 years ago

What you are trying to do may not be feasible at the moment with ASL v5.

You quickest workaround would be to install two ASL v5 machines, each with 3 NICs, and connect both machines via a hub or switch to your broadband connection. You can then connect your two internal networks to both ASL boxes, and configure your routing and PPTP access to either network as you please.
Cancel
Vote Up 0 Vote Down

Cancel
0 Gert Hansen over 21 years ago in reply to VelvetFog

Hi Mart,

why do you want to NAT the PPTP client into each networks if you can use Packet-Filter rules to define access privileges.

If i were you, i would create two Network Groups 'PPTP-User A' and 'PPTP-User B'.

Than i would add the according PPTP-User Objects in Each group, so all PPTP users that should be able to access Subnet A into Group A and the same with B.

Then you only need to add two packetfilter rules:

'PPTP-User A' 'Any' 'Subnet A' 'ACCEPT'
'PPTP-User B' 'Any' 'Subnet B' 'ACCEPT'

thats it.

regards
Gert
Cancel
Vote Up 0 Vote Down

Cancel