XPost: comp.security.firewalls   
   From: harbell@beerburp.com   
      
   I'd like to run the XP pro VPN server (accept incomming connections)   
   behind a Linksys WRT54G router temporarily until I get a better VPN   
   endpoint. When I try using the stock firmware, there's no way to allow   
   GRE (protocol 47) to pass from outside to inside, and so I get the   
   Error 721 error from the Windows VPN client.   
      
   I installed HyperWRT + Thibor-15c firmware and enabled telnet.   
   Can somebody please explain how to:   
      
   1. Change rules to allow this VPN client & server   
   	e.g.	# iptables -A INPUT -p 47 -j ACCEPT   
   		# iptables -A OUTPUT -p 47 -j ACCEPT   
   	But then I need port forwarding, etc. Can someone please help   
   	me with these iptables statements?   
      
   2. How to save this so that it will be permanent accross reboots?   
      
   3. I read somewhere that the IP addresses handed to the client can't   
   be within the same network/mask (e.g. if I run   
   192.168.1.0/255.255.255.0, then perhaps the clinet gets 192.168.50.x).   
   Is this true?   
      
   Thanks for any help!   
      
   (Please excuse the 'burp' when replying (b))   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)