[pptp-server] win2k client --->NAT---->PPTP Server

Mike Millner mikem99 at qwest.net
Sun Jan 28 23:55:17 CST 2001 

The laptop is behind the linix box. The PPTP server is out on the net. 

Thanks,
Mike
----- Original Message ----- 
From: "Jerry Vonau" <jvonau at home.com>
To: "Mike Millner" <mikem99 at qwest.net>
Cc: <pptp-server at lists.schulte.org>
Sent: Sunday, January 28, 2001 10:41 PM
Subject: Re: [pptp-server] win2k client --->NAT---->PPTP Server


> Mike:
> 
> Is the laptop behind the linux box or is the server behind it?
> Your setup looks like it is masq/portforwarding a server.
> I don't think you need to portforward a client, but you may need to
> patch
> your kernel. How about a little more background?
> 
> see: http://www.impsec.org/linux/masquerade/ip_masq_vpn.html
> 
> Jerry Vonau
> 
> Mike Millner wrote:
> 
> > Hello, this is my first post to this list. I'm having a problem
> > getting the PPTP connection to work. If I give the laptop a public
> > address it makes the PPTP connection just fine. Here is my
> > setup: win2k laptop                            Redhat 6.1
> > kernel10.5.1.2       ------------------------->
> > 2.2.12-20
> > ----------------------------------------------->PPTP
> > endpoint                                              eth0 63.x.x.x
> > (public)                                              eth1
> > 10.5.1.1  Nat is working fine. The win2k machine can browse web sites,
> > ftp, telnet just fine. When I try to connect the PPTP connection I
> > get: connecting, verifying user name and password, then "The specified
> > port is not connected". I've been reading a lot and it seems that I
> > need to allow port 1723 and protocol 47. These two lines have NAT
> > working fine:/sbin/ipchains -P forward DENY
> > /sbin/ipchains -A forward -s 10.5.1.0/24 -j MASQ  This Linux box has
> > ipchains, ipmasqadm, and ipfwd installed. I'm pretty sure I have
> > everything installed that I need. I just don't know the syntax for the
> > port forwarding and the protocol allowing. These are some of the
> > things I've tried: /usr/sbin/ipmasqadm portfw -a -P tcp -L 63.x.x.x
> > 1723 -R 10.5.1.1 1723 /sbin/ipchains -A input -p TCP -i eth0 --dport
> > 1723 -j ACCEPT
> > /sbin/ipchains -A input -p 47 -i eth0 -j ACCEPT /usr/local/sbin/ipfwd
> > --masq 10.5.1.1 47 &   I believe I'm real close. After staring at all
> > day and changing things I'm asking for some help from a fresh pair of
> > eyes.  Thanks,Mike
> 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!
>

More information about the pptp-server mailing list