[pptp-server] How to set iptables to doesn't masquerade the VPN traffic?
Bruno Negrão
bnegrao at engepel.com.br
Wed Dec 19 12:53:02 CST 2001
Thank you in answering.
Why wouldn't you want them Masq'd?
In my understanding about VPNs, once you establish a vpn link between two remote private networks you'll deal with them as if those are normal private LAN's - thus I wouldn't like to mask one internal lan when connecting with the other lan, instead I want to enable routing between these lans (routing through the pptp link)
Are your client's behind the interface routeable Address's?
Yes.
I think by default It won't Masq them..I believe you need to tell it
to with the -t nat SNAT command.
Yes too. I found a rule that selectively masq all outbound traffic except that destined to the 192.168.0.0/24 network.
iptables -t nat -A POSTROUTING -o $EXTIF -s 192.168.50.0/24 -d ! 192.168.0.0/24 -j MASQUERADE
Someone tell us if I'm wrong......
Scott
THERE IS ONLY ONE...
SOCCER.COM, The Center of the Soccer Universe
http://www.soccer.com
_______________________________________________ pptp-server maillist - pptp-server at lists.schulte.org http://lists.schulte.org/mailman/listinfo/pptp-server --- To unsubscribe, go to the url just above this line. --
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.schulte.org/mailman/private/pptp-server/attachments/20011219/72bef8de/attachment.html>
More information about the pptp-server
mailing list