[pptp-server] VPN client using NAT

George Vieira GeorgeV at citadelcomputer.com.au
Tue Jul 10 19:00:19 CDT 2001


Funny enough, I read this too somewhere and yet I'm running 7.1 and can't
find the module.
I ran an 'updatedb' and then did a 'locate ip_masq_pptp' and found
nothing...???

thanks,
George Vieira
Network Engineer
Citadel Computer Systems P/L


-----Original Message-----
From: Tom Eastep [mailto:teastep at seattlefirewall.dyndns.org]
Sent: Wednesday, July 11, 2001 8:50 AM
To: Jerome Rock; pptp-server at lists.schulte.org
Subject: Re: [pptp-server] VPN client using NAT


On Tuesday 10 July 2001 02:34 pm, Tom Eastep wrote:
> On Tuesday 10 July 2001 02:28 pm, Jerome Rock wrote:
> > I have POPTOP running successfully on a red hat 7.0 system.  Windows
> > client can VPN into the machine w/o a problem UNLESS the client is
behind
> > a firewall.  Granted it might be the firewall.  I've tried behind a
Linux
> > firewall and I allow output for TCP and UDP 1723 and TCP protocol 47
> > (GRE) and it my windows VPN client still tells me the specific port is
> > not connected.
> >
> > What am I doing wrong?
>
> The Linux firewall has to have the VPN masq patches applied to the kernel;
> have you done that?
>

Pardon me for following up my own post but I realized after replying that
RH7 
has the VPN patches applied. So you only need to "modprobe ip_masq_pptp" 
during your firewall startup.

You will of course also need to allow input of non-SYN TCP port 1723 (you 
don't need UDP) and input of protocol 47.

-Tom
-- 
Tom Eastep          \  tom at seattlefirewall.dyndns.org
ICQ #60745924        \ http://seattlefirewall.dyndns.org
Shoreline, Washington \__________________________________________
_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --



More information about the pptp-server mailing list