[pptp-server] GRE through ipchains masquerade

Brian Haney brian at ibsystems.com
Thu Apr 20 19:55:08 CDT 2000

I'm sure this must be a frequently-asked-question, but I could not
find the answer in the HOWTOs.

I am running RedHat Linux 6.0 as a gateway between my home LAN and a
PoPToP server at work.  I made sure the router at work would permit
all IP traffic through to the PoPToP server (a RedHat 6.1 box).  My
Windows NT 4.0 RAS client is on a private ( network behind
the RedHat 6.0 gateway.

                                       (          )
NT client  ----- RH6.0 Gateway  ----- (  INTERNET  ) ------
router ------ RH6.1 PoPToP                          (          )

The RH 6.0 gateway is using ipchains to masquerade my home network.
I have added the rules to accept and forward TCP port 1723 and IP
protocol 47.
A tcpdump on the PoPToP server and the public interface of the Gateway
shows that the Gateway is throwing ICMP no-route packets for proto47
back to the PoPToP server.

What am I missing?
Brian Haney  VP Engineering/CTO
brian at ibsystems.com  Internet Business Systems, Inc.

More information about the pptp-server mailing list