Re: VPN PPTP

On Wednesday 16 June 2004 8:12 pm, Luis GUSTAVO wrote:

> hi people,
>
> I do NAT with my Linux box, and I have another machine
> with Windows 2000 Server installed and a VPN configured with
> PPTP.
>
> And I want to forward:
>
> port 1723 and the protocol GRE.
>
> How can I do this?

iptables -A FORWARD -p gre -s a.b.c.d -d w.x.y.z -j ACCEPT
iptables -A FORWARD -p tcp --dport 1723 -s a.b.c.d -d w.x.y.z -j ACCEPT

If your /etc/protocols file does not contain a definition for GRE (some do, 
some don't) then simply substitute the number 47 for gre in the rule above.

You probably only want one of the -s a.b.c.d or the -d w.x.y.z specifications, 
depending on which end of the link you are controlling (you say it's the 
server, so you probably want the -d w.x.y.z).

Also, if you are doing NAT, be aware that you can only support one PPTP 
connection at a time unless you use the PPTP-NAT conntrack helper module from 
patch-o-matic.

Regards,

Antony.

-- 
In Heaven, the police are British, the chefs are Italian, the beer is Belgian, 
the mechanics are German, the lovers are French, the entertainment is 
American, and everything is organised by the Swiss.

In Hell, the police are German, the chefs are British, the beer is American, 
the mechanics are French, the lovers are Swiss, the entertainment is Belgian, 
and everything is organised by the Italians.

                                                     Please reply to the list;
                                                           please don't CC me.
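
Added example, not part of the message above: a shell sketch that builds the two FORWARD rules for the server end of the link (only -d), using the name gre when the protocols file defines it and falling back to 47 otherwise. The function names and the address 192.0.2.10 are assumptions made for illustration; the script only prints the rules, it does not apply them.

```shell
#!/bin/sh
# Added illustration; gre_proto and pptp_forward_rules are hypothetical names.

# gre_proto [FILE]: print "gre" if FILE (default /etc/protocols) defines a
# protocol named gre (official name or alias, any case) with number 47,
# otherwise print the bare protocol number 47.
gre_proto() {
    file=${1:-/etc/protocols}
    # An unreadable or missing file is treated like a missing definition.
    [ -r "$file" ] || { echo 47; return 0; }
    awk '
        { sub(/#.*/, "") }                      # drop comments
        NF >= 2 && $2 == 47 {                   # field 2 is the number
            for (i = 1; i <= NF; i++)
                if (i != 2 && tolower($i) == "gre") found = 1
        }
        END { print (found ? "gre" : "47") }
    ' "$file"
}

# pptp_forward_rules SERVER [FILE]: print the rules that let the PPTP control
# channel (TCP 1723) and the GRE tunnel through to SERVER.
pptp_forward_rules() {
    server=$1
    if [ -z "$server" ]; then
        echo "usage: pptp_forward_rules SERVER [PROTOCOLS_FILE]" >&2
        return 1
    fi
    proto=$(gre_proto "${2:-/etc/protocols}")
    echo "iptables -A FORWARD -p $proto -d $server -j ACCEPT"
    echo "iptables -A FORWARD -p tcp --dport 1723 -d $server -j ACCEPT"
}

# Example call (192.0.2.10 is a constructed documentation address):
#   pptp_forward_rules 192.0.2.10
```

Review the printed rules before running them as root on the NAT box.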


