[pptp-server] win2k client --->NAT---->PPTP Server

Cowles, Steve Steve at SteveCowles.com
Mon Jan 29 07:58:27 CST 2001 

Mike,

Since your laptop is behind your RH6.1 based firewall... You will need to
patch your firewalls kernel to support masqueraded PPTP connections. i.e.
module ip_masq_pptp.o. Checkout the link that Jerry Vonau mentioned in his
reply to your post. You will be able to get the necessary patches there.

Also, since you are trying to establish an outbound PPTP connection, not
running a masq'd PPTP server... you will NOT need to use ipmasqadm/ipfwd in
this case. These commands are only required if your running a masqueraded
PPTP server and you are having to deal with inbound PPTP connections through
your firewall.

FWIW: If/when you properly patch your firewalls kernel and then establish an
outbound PPTP connection from behind your firewall... you will see the
following entries generated in your firewalls logfiles.

Jan 22 13:09:11 firewall kernel: ip_masq_pptp_tcp(): OUT_CALL_REQUEST
192.168.9.21 -> xx.xx.xx.xx CID=C000 MCID=F997
Jan 22 13:09:11 firewall kernel: ip_demasq_pptp_tcp(): OUT_CALL_REPLY
192.168.9.21 -> xx.xx.xx.xx CID=C000 MCID=F997
Jan 22 13:11:53 firewall kernel: ip_masq_pptp_tcp(): CALL_DISCONNECT_NOTIFY
192.168.9.21 -> xx.xx.xx.xx CID=C000 MCID=F997

NOTE: The 192.168.9.21 is my W2k box behind my firewall, xx.xx.xx.xx is the
ip address of the remote PPTP server.

Steve Cowles

> -----Original Message-----
> From: Mike Millner [mailto:mikem99 at qwest.net]
> Sent: Sunday, January 28, 2001 11:55 PM
> To: Jerry Vonau
> Cc: pptp-server at lists.schulte.org
> Subject: Re: [pptp-server] win2k client --->NAT---->PPTP Server
> 
> 
> The laptop is behind the linix box. The PPTP server is out on 
> the net. 
> 
> Thanks,
> Mike
> ----- Original Message ----- 
> From: "Jerry Vonau" <jvonau at home.com>
> To: "Mike Millner" <mikem99 at qwest.net>
> Cc: <pptp-server at lists.schulte.org>
> Sent: Sunday, January 28, 2001 10:41 PM
> Subject: Re: [pptp-server] win2k client --->NAT---->PPTP Server
> 
> 
> > Mike:
> > 
> > Is the laptop behind the linux box or is the server behind it?
> > Your setup looks like it is masq/portforwarding a server.
> > I don't think you need to portforward a client, but you may need to
> > patch
> > your kernel. How about a little more background?
> > 
> > see: http://www.impsec.org/linux/masquerade/ip_masq_vpn.html
> > 
> > Jerry Vonau
> >

More information about the pptp-server mailing list