Am Mi, den 28.07.2004 schrieb Trevor um 19:24: You "hijacked" a foreign thread, means your posting now appears as a reply to "Re: Convert CDIR notation to IP range" which it isn't. So please do not press reply to an existing list article when you want to start a new topic. This is because the mail contains now referencing header tags. > I have a PPTP server inside (green) a network. The old firewall was > ipchains-based, and now it's iptables. I can't seem to figure out how to > route GRE (protocol 47) and 1723 so that it works. > > I used ipfwd [http://catfish.csail.mit.edu/~cananian/Projects/IPfwd/] on the > ipchains side and that worked, but it doesn't work anymore on the 2.4 > kernel. portforwarding is now directly integrated into iptables. > Internet -> 2.4/iptables firewall (204.xxx.xx.xx/192.168.0.x) -> PPTP VPN > Server (192.168.0.x) > > I've tried adding these lines to my firewall script: The script is taken from http://martybugs.net/smoothwall/vpn.cgi which is for Smoothwall. > With no success. I suspect that it could be the mppe-ppp modules causing > problems. I'm sure that TCP/port 1723 is forwarding properly... but that's > all I see when I do a "iptstate" when trying to connect. Do you have Smoothwall installed or do you have any other iptables rules active which may block previous to your VPN rules? Your host is directly connected to the net through eth1? > Trev. Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.6-1.435.2.3.ad.umlsmp Serendipity 20:37:43 up 2 days, 5:44, load average: 1.07, 1.14, 1.15
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
