Quoting Greg MATTHEWS <[EMAIL PROTECTED]>:

> Dear listers...
>
> I'm finding it difficult to find up to date docs on pptp setups.
>
> I have a linux server setup with pptpd which appears to be working ok (port
> 1723 is definitely open) but i'm having trouble connecting to it from behind
> my firewall - a debian pentium running stable using iptables.
>
> most of the docs that i found seem to say that no special requirements are
> needed to nat a private addressed pptp client. i can connect on port 1723 but
> then the server appears to be initiating a ppp connection (presumably ip type
> 47?) back to the client which appears to be blocked by my firewall (maybe).
>
> does this mean that i need to forward ip type 47 to a specific host on my
> private net? this would mean only one machine could ever use pptp so this
> doesn't sound right.

Hi,

AFAIK, this is correct. Only one pptp client at a time can be masq'd to a pptpd server. I remember hearing about a kernel patch of some kind. You could try searching google for a patch. The patch was for an ipmasq'ing firewall, where pptp clients were behind it trying to access an external internet pptpd server.

You mention that you have a hardware firewall from NetGear, so I don't know if it's tweakable.

> anyone tell what i'm doing wrong? i'll include a log of what happens in the

Nothing, this was the nature of pptp and ipmasq. IPSec or some debianized vpn daemons (vpnd, tinc) may be a different option to try. (if you can't get the kernel patch for ipmasq)

good luck,
Mike