[pptp-server] VPN client using NAT
George Vieira
GeorgeV at citadelcomputer.com.au
Tue Jul 10 19:00:19 CDT 2001
Funny enough, I read this too somewhere and yet I'm running 7.1 and can't
find the module.
I ran an 'updatedb' and then did a 'locate ip_masq_pptp' and found
nothing...???
thanks,
George Vieira
Network Engineer
Citadel Computer Systems P/L
-----Original Message-----
From: Tom Eastep [mailto:teastep at seattlefirewall.dyndns.org]
Sent: Wednesday, July 11, 2001 8:50 AM
To: Jerome Rock; pptp-server at lists.schulte.org
Subject: Re: [pptp-server] VPN client using NAT
On Tuesday 10 July 2001 02:34 pm, Tom Eastep wrote:
> On Tuesday 10 July 2001 02:28 pm, Jerome Rock wrote:
> > I have POPTOP running successfully on a red hat 7.0 system. Windows
> > client can VPN into the machine w/o a problem UNLESS the client is
behind
> > a firewall. Granted it might be the firewall. I've tried behind a
Linux
> > firewall and I allow output for TCP and UDP 1723 and TCP protocol 47
> > (GRE) and it my windows VPN client still tells me the specific port is
> > not connected.
> >
> > What am I doing wrong?
>
> The Linux firewall has to have the VPN masq patches applied to the kernel;
> have you done that?
>
Pardon me for following up my own post but I realized after replying that
RH7
has the VPN patches applied. So you only need to "modprobe ip_masq_pptp"
during your firewall startup.
You will of course also need to allow input of non-SYN TCP port 1723 (you
don't need UDP) and input of protocol 47.
-Tom
--
Tom Eastep \ tom at seattlefirewall.dyndns.org
ICQ #60745924 \ http://seattlefirewall.dyndns.org
Shoreline, Washington \__________________________________________
_______________________________________________
pptp-server maillist - pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --
More information about the pptp-server
mailing list