Hello List.
After weeks of trying to configure this simple thing that used to work on an older release/distro (RH-based), I decided to bother you with my problem.
I use FC3, fully up to date (2.6.10-1.770_FC3).
What I want to do is pretty simple: connect to my VPN at work, from home, using a machine that is on the LAN.
What I did when it worked was pretty simple: I only forwarded port 1723/tcp to the LAN address of my machine.
But that no longer works. Now this seems to be a GRE problem; tcpdump logs this:
22:50:35.651866 IP vpn.****.*** > ***.******.org: call 18358 seq 1 gre-ppp-payload
22:50:38.645716 IP vpn.****.*** > ***.******.org: call 18358 seq 2 gre-ppp-payload
This seems to never go to my LAN machine, which is 192.168.12.150.
Here are my firewall rules (filter table is ACCEPT everywhere):
Chain PREROUTING (policy ACCEPT 793K packets, 41M bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DNAT       tcp  --  eth0   any     anywhere             anywhere            tcp dpt:1723 to:192.168.12.150
    0     0 DNAT       gre  --  eth0   any     anywhere             anywhere            to:192.168.12.150

Chain POSTROUTING (policy ACCEPT 3759 packets, 416K bytes)
 pkts bytes target     prot opt in     out     source               destination
 1102 64927 MASQUERADE all  --  any    eth0    anywhere             anywhere

Chain OUTPUT (policy ACCEPT 88544 packets, 5382K bytes)
 pkts bytes target     prot opt in     out     source               destination
I tried with and without forcing GRE NAT, without success; as you see, 0 packets traverse the rule.
I would like to avoid recompiling the kernel and playing for hours with POM to patch in a hazardous PPTP NAT module under 2.6. I hope some day this will be merged into the FC kernel...
Any ideas, people? Nobody using FC3 as a gateway to connect to PPTP servers?
Thanks for your help.
--
Yann Bizeul - yann at tynsoe.org
Please use this e-mail when writing to me.
You can visit my projects at this address: http://projects.tynsoe.org/ (BuddyPop - GeekTool - SSH Tunnel Manager...)