NAT and PPTP
Brett Glass
brett at lariat.org
Thu Jul 17 13:20:10 PDT 2003
At 01:44 PM 7/17/2003, Michael Bretterklieber wrote:
>that's not true, libalias (=natd) very well supports PPTP-nat. Maybe the
>problem is in your firewall. Firewalls have to pass protocl 47 (=GRE) in
>order to get PPTP to work.
It is. In fact, I think that may be part of the problem.
I didn't set this firewall up, but I do see a rule in there,
fairly early on, that says "allow gre from any to any".
Apparently, the literature says to add this.
It occurs to me that this rule may cause the packets to
bypass natd.
On the other hand, if it's removed, the GRE packets seem to
get blocked.
Hmmm.
--Brett
More information about the freebsd-net
mailing list