If you are running a PPTP VPN service, then your problem is with GRE forwarding.

Ensure that the GRE kernel module is loaded, and then run something like this:

# iptables -t nat -A PREROUTING -j DNAT -i MyExternalInterface -p tcp --dport 1723 --to-destination MyPptpServer

# iptables -A FORWARD -j ACCEPT -i MyExternalInterface -m state --state NEW -p tcp -d MyPptpServer --dport 1723

# iptables -A FORWARD -j ACCEPT -i MyExternalInterface -m state --state NEW -p 47 -d MyPptpServer

# iptables -t nat -A PREROUTING -i MyExternalInterface -p 47 -j DNAT --to-destination MyPptpServer

# iptables -t nat -A POSTROUTING -j MASQUERADE -o MyExternalInterface

(Check the syntax of the example commands, it may be incorrect. YMMV.)

Also investigate the ipmasq package:

# apt-get install ipmasq

You can make these rules persistent by creating a RUL file in the '/etc/ipmasq/rules' directory.


Matt Peter wrote:


Hello All,

I'm currently attempting to get VPN (Windows 2000 remote access) working through a NAT setup. I'm having problems, and I know there are some special things I need to set up to get this to work, but I'm having trouble finding a good guide to this process. Does anyone have any resources they could point me to for setting this up? The box is currently running stable (2.2), but I can upgrade to 2.4 if it's easier to VPN over NAT running

Thanks in advance,

~ matt
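
Added example, not part of the original thread: a POSIX shell check that an iptables-save dump contains the five rules given in the reply above (DNAT and FORWARD for TCP 1723 and for GRE, protocol 47, plus MASQUERADE). The interface eth0, the address 192.168.1.10, the function names and the sample ruleset are constructed placeholders.

```shell
# Added example: audit an iptables-save dump for the PPTP forwarding rules.
# eth0, 192.168.1.10 and the sample ruleset are constructed placeholders.

# has_rule FILE TABLE CHAIN REGEX...: true if one "-A CHAIN" rule under "*TABLE" matches every REGEX
has_rule() {
    file=$1 table=$2 chain=$3; shift 3
    lines=$(awk -v t="*$table" -v c="$chain" '
        /^\*/ { cur = $1 }
        cur == t && $1 == "-A" && $2 == c' "$file")
    for pat in "$@"; do
        lines=$(printf '%s\n' "$lines" | grep -E -- "$pat") || return 1
    done
    [ -n "$lines" ]
}
# need DESC TABLE CHAIN REGEX...: report and count a rule that is absent from $f
need() {
    desc=$1; shift
    has_rule "$f" "$@" || { echo "missing: $desc"; missing=$((missing + 1)); }
}
# check_pptp_rules FILE EXT_IF SERVER: returns the number of missing rules (0 = complete)
check_pptp_rules() {
    f=$1 ifc="-i $2( |\$)" out="-o $2( |\$)" missing=0
    srv=$(printf '%s' "$3" | sed 's/\./\\./g')    # escape dots for the regexes
    to="--to-destination $srv(:| |\$)" dst="-d $srv(/32)?( |\$)"
    tcp='-p tcp( |$)' port='--dport 1723( |$)' gre='-p (gre|47)( |$)'
    need "DNAT tcp/1723"    nat    PREROUTING  "$ifc" "$tcp" "$port" '-j DNAT( |$)' "$to"
    need "DNAT GRE (47)"    nat    PREROUTING  "$ifc" "$gre" '-j DNAT( |$)' "$to"
    need "FORWARD tcp/1723" filter FORWARD     "$ifc" "$dst" "$tcp" "$port" '--state NEW' '-j ACCEPT( |$)'
    need "FORWARD GRE (47)" filter FORWARD     "$ifc" "$dst" "$gre" '--state NEW' '-j ACCEPT( |$)'
    need "MASQUERADE"       nat    POSTROUTING "$out" '-j MASQUERADE( |$)'
    return "$missing"
}
sample_ruleset() {    # constructed iptables-save output
    cat <<'EOF'
*nat
-A PREROUTING -i eth0 -p tcp -m tcp --dport 1723 -j DNAT --to-destination 192.168.1.10
-A PREROUTING -i eth0 -p gre -j DNAT --to-destination 192.168.1.10
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
-A FORWARD -d 192.168.1.10/32 -i eth0 -p tcp -m state --state NEW -m tcp --dport 1723 -j ACCEPT
-A FORWARD -d 192.168.1.10/32 -i eth0 -p gre -m state --state NEW -j ACCEPT
COMMIT
EOF
}

dump=$(mktemp) && sample_ruleset > "$dump"
check_pptp_rules "$dump" eth0 192.168.1.10 && echo "all PPTP forwarding rules present"
rm -f "$dump"
```

To audit a live gateway, redirect iptables-save into a file and pass that file with the real external interface and PPTP server address.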



