[pptp-server] PPTP behind a Firewall
John McKendry
mckendry at mediaone.net
Mon Apr 16 17:53:07 CDT 2001
Robert Dege wrote:
>
> Perhaps someone can help me here. I am trying (exhaustively) to get my
> PPTP server behind a firewall. I believe that I almost have it working,
> but one minor thing stands in my way.
>
> I receive this message on the firewall when attempting a PPTP connection:
>
> Apr 16 13:22:47 odo kernel: ip_masq_gre(): creating GRE masq for
> 172.28.254.46 -> 12.19.228.58 CID=0 MCID=643A
> Apr 16 13:22:47 odo kernel: ip_demasq_gre(): 12.19.228.58 ->
> 12.19.228.52 CID=0 no masq table, discarding
>
> For some reason, the MASQID is getting lost between the masqing &
> demasq'ing of the GRE packets.
>
You should be seeing ip_<masq|demasq>_pptp() messages. Are you using the Linux
PPTP client? I found that the commonly available Linux client uses the
wrong CallID once a PPTP session is established, and it causes the
sort of symptom you're seeing - masquerading doesn't recognize the
traffic as PPTP and tries to handle it as plain GRE.
If this doesn't involve the Linux client, I can't help. If it does,
I'll either track down the patch or put a new one together.
John
More information about the pptp-server
mailing list