Date: Thu, 17 Jul 2003 14:19:47 -0600 From: Brett Glass <brett@lariat.org> To: Michael Bretterklieber <mbretter@jawa.at> Cc: net@freebsd.org Subject: Re: NAT and PPTP Message-ID: <4.3.2.7.2.20030717141336.029bbb70@localhost> In-Reply-To: <20030717214046.D365@worf.jawa.at> References: <200307171936.NAA03141@lariat.org> <200307171936.NAA03141@lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 01:44 PM 7/17/2003, Michael Bretterklieber wrote: >that's not true, libalias (=natd) very well supports PPTP-nat. Maybe the >problem is in your firewall. Firewalls have to pass protocl 47 (=GRE) in >order to get PPTP to work. It is. In fact, I think that may be part of the problem. I didn't set this firewall up, but I do see a rule in there, fairly early on, that says "allow gre from any to any". Apparently, the literature says to add this. It occurs to me that this rule may cause the packets to bypass natd. On the other hand, if it's removed, the GRE packets seem to get blocked. Hmmm. --Brett
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20030717141336.029bbb70>