Hi all, I'm triying to do the next setup ... Inet <-> Sid FW (Pc1,eth1-inet,eth0-lan) <-> Sid PPTPd (Pc2,eth0-lan) On the PC1 I have done this iptables -t nat -A PREROUTING -p gre -j DNAT --to 192.168.0.2 iptables -t nat -A PREROUTING -p tcp --dport 1723 -j DNAT --to 192.168.0.2 Along other rules that don't get into colission with this ones When I try to make a conx from a WinXX machine with the VPN support (pptp), It connect (I saw the pptpd launching the pppd on the PC2), and there is GRE traffic (tcpdump -i eth0 proto gre; on pc2 show that), but the WinXX machine allway stay saing "Checking username and password" till it get a timeout. Appart from a possible problem with the pptpd/pppd config, are this rules OK to *forward* such kind of traffic from the FW to the internal server ? Thx in advance -- _ _ // Raúl A. Betancort Santana /> A Dream is an answer to __ \\ // <rabs@dimension-virtual.com> // question that we don't know (oo) \\ // Dimensión Virtual S.L. // how to ask. / \/ \ // \> A Linux Solution Provider </ `V__V' </
Attachment:
pgpeJP16WYVLI.pgp
Description: PGP signature