[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RES: vpn masquerade pptp



Hi!

	I have tried to do the same thing here, but it doesn't work and i get 
messages like this in the pptp server logs:

Jan 29 14:36:26 loidean pptpd[17968]: Discarding out-of-order packet 28, 
already have 643
Jan 29 14:36:27 loidean pptpd[17968]: Discarding out-of-order packet 29, 
already have 643
Jan 29 14:36:27 loidean pptpd[17968]: Discarding out-of-order packet 30, 
already have 643
Jan 29 14:36:27 loidean pptpd[17968]: Discarding out-of-order packet 31, 
already have 643
Jan 29 14:36:27 loidean pptpd[17968]: Discarding out-of-order packet 32, 
already have 643
Jan 29 14:36:28 loidean pptpd[17968]: Discarding out-of-order packet 33, 
already have 643

	Apparently the pptp server drops the packages from the second connection, 
thinking that those packages are from the first connection (the two 
connections come from the same IP address).

	Here, I dont have two linux machines (the masq in windows machines side is 
done by the DSL router) then i'm using the Internet Connection Sharing on a 
windows machine to share the VPN connection with the other machine. But, as 
you have 2 linux boxes, freeswan seems to be better to you.

 - Samuel


----- Mensagem original -----
De:		Mike Egglestone [SMTP:megglestone@heritage.sd57.bc.ca]
Enviada em:		sexta-feira, 31 de janeiro de 2003 07:04
Para:		debian-firewall@lists.debian.org
Assunto:		vpn masquerade pptp

Hi,

I having trouble getting my woody box to act as a vpn masquerade firewall.

I'm running a custom kernel 2.4.18. (made from kernel-source 2.4.18) and 
the
old .config from kernel-image-2.4.18-586tsc)
The only thing I changed on the kernel was that I patched it with
a patch file to add ip_nat_pptp and ip_conntrack_pptp modules.
(got the patch from google searching)

The kernel compiled ok and I rebooted into the system no prob. I ran 
modconf to
add in the new modules and they added successful.

I have 2 M$ machines behind my masq'ing box. I have another pptp woody
vpnserver about a 20 minutes drive away that they can vpn into.
(its on a public IP)
Everything works ok if I only vpn in with one windows machine at a time.
I cannot get both to vpn into the same vpn server at the same time.

I'm sure I'm missing something. Has anyone successfully done this on woody 
with
a 2.4.x kernel. Google has lots of info for a 2.2.x. I supposed I could 
revert
back, but I like my iptables.

Any suggestions?
Do I need a specific patch to compile the kernel with?

thanks!

Mike




-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/


--
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact 
listmaster@lists.debian.org



Reply to: