PPTP behind iptables.

PPTP behind iptables.

[Carl Girard]

I am trying to get a Window2000 Server VPN (PPTP) server behind my linux
firewall to work.  I have been able to forward web trafic to the internal
server just for testing.


I currently have this for NAT...
iptables -t nat -A POSTROUTING -s 172.20.40.0/24 -o eth0 -j MASQUERADE

And this for the forwarding of traffic on port 1723 (PPTP)...
iptables -t nat -A PREROUTING -p tcp --dport 1723 -i eth0 -j DNAT --to
172.20.40.2


I know that PPTP uses GRE (protocol 47) after the connection is made.  The
connection is initiated with a tcp connection to port 1723.

When I initiate a connection from a VPN PPTP client it gets as far as
authentication.  It finds the server and the server responds asking for
authentication information.  After that it dies.

eth0 - 68.3.233.69 (internet connection)
eth1 - 172.20.40.1 (lan connection)
ip of internal PPTP server - 172.20.40.2

Any help would be great.  Let me know if more information is needed.

Thanks,
Carl

Re: PPTP behind iptables.

[R. Sterenborg]

----- Original Message ----- 
From: "Carl Girard" <solo@digitalbullets.com>
To: <netfilter@lists.samba.org>
Sent: Wednesday, July 10, 2002 1:56 PM
Subject: PPTP behind iptables.


> I am trying to get a Window2000 Server VPN (PPTP) server behind my linux
> firewall to work.  I have been able to forward web trafic to the internal
> server just for testing.
> 
I'm using this setup too.
In the archives (about 2 days ago ?) I posted an article of how I do this.
Subject : "PPTP through masquerading gateway"


Rob