[pptp-server] win2k client --->NAT---->PPTP Server

Sun Jan 28 23:41:31 CST 2001

Mike:

Is the laptop behind the linux box or is the server behind it?
Your setup looks like it is masq/portforwarding a server.
I don't think you need to portforward a client, but you may need to
patch
your kernel. How about a little more background?

see: http://www.impsec.org/linux/masquerade/ip_masq_vpn.html

Jerry Vonau

Mike Millner wrote:

> Hello, this is my first post to this list. I'm having a problem
> getting the PPTP connection to work. If I give the laptop a public
> address it makes the PPTP connection just fine. Here is my
> setup: win2k laptop                            Redhat 6.1
> kernel10.5.1.2       ------------------------->
> 2.2.12-20
> ----------------------------------------------->PPTP
> endpoint                                              eth0 63.x.x.x
> (public)                                              eth1
> 10.5.1.1  Nat is working fine. The win2k machine can browse web sites,
> ftp, telnet just fine. When I try to connect the PPTP connection I
> get: connecting, verifying user name and password, then "The specified
> port is not connected". I've been reading a lot and it seems that I
> need to allow port 1723 and protocol 47. These two lines have NAT
> working fine:/sbin/ipchains -P forward DENY
> /sbin/ipchains -A forward -s 10.5.1.0/24 -j MASQ  This Linux box has
> ipchains, ipmasqadm, and ipfwd installed. I'm pretty sure I have
> everything installed that I need. I just don't know the syntax for the
> port forwarding and the protocol allowing. These are some of the
> things I've tried: /usr/sbin/ipmasqadm portfw -a -P tcp -L 63.x.x.x
> 1723 -R 10.5.1.1 1723 /sbin/ipchains -A input -p TCP -i eth0 --dport
> 1723 -j ACCEPT
> /sbin/ipchains -A input -p 47 -i eth0 -j ACCEPT /usr/local/sbin/ipfwd
> --masq 10.5.1.1 47 &   I believe I'm real close. After staring at all
> day and changing things I'm asking for some help from a fresh pair of
> eyes.  Thanks,Mike