i'm not using the pptp-conntrack patch yet. So i tried to forward port 1723 and protocol 47 to the target machine. That's is what should work - but it didn't.
A tcpdump revealed that my Linux box rejected the GRE packets with "icmp protocol 47 unreachable" packets. What did i do wrong?
I turned of my whole firewall and flushed all tables. The rules
iptables -t nat -A PREROUTING -p tcp --dp 1723 -j DNAT --to <ip> iptables -t nat -A PREROUTING -p 47 -j DNAT --to <ip>
simply didn't work. My Linux box keeps sending the icmp packets.
Does anybody know why it does that?
Thx Sven
