No offence but for the <insert large number here>th time use pptp helper in p-o-m.. ;) GRE is connectionless and also has no ports so connection tracking cannot map the port used to connect so it doesn't know which user behind the firewall to relay the packets to. So you need the patch-o-matic patch and select the PPTP helper to most likely fix your problem. Thanks, ____________________________________________ George Vieira Systems Manager georgev@xxxxxxxxxxxxxxxxxxxxxx Citadel Computer Systems Pty Ltd http://www.citadelcomputer.com.au Phone : +61 2 9955 2644 HelpDesk: +61 2 9955 2698 -----Original Message----- From: Esteban [mailto:esteban@xxxxxxxxx] Sent: Tuesday, June 03, 2003 9:35 PM To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Nat problem with GRE Hi there, I have some troubles to NAT GRE traffic. On my LAN, some users have to connect to an external PPTP server. The connection success for the first user who connect the PPTP server. But it fails for the others, when there is already a user connected to the server. I looked with tcpdump, and it seem that the GRE traffic of the second client is droped (TCP 1723 connection is OK) Actualy, I accept all the traffic destinated to the PPTP server (so tcp 1723 and gre traffic may be accepted). Does anybody know what I am doing wrong ? Thank you very much. -- Esteban esteban@xxxxxxxx
