On Wednesday 16 June 2004 8:12 pm, Luis GUSTAVO wrote:

> hi people,
>
> I make nat with my linux, and i have other machine
> Windows 2000 server installed and configured vpn with
> pptp.
>
> and i want forward:
>
> port 1723 and the protocol GRE.
>
> how can i make this.

iptables -A FORWARD -p gre -s a.b.c.d -d w.x.y.z -j ACCEPT
iptables -A FORWARD -p tcp --dport 1723 -s a.b.c.d -d w.x.y.z -j ACCEPT

If your /etc/protocols file does not contain a definition for GRE (some do,
some don't) then simply substitute the number 47 for gre in the rule above.

You probably only want one of the -s a.b.c.d or the -d w.x.y.z specifications,
depending on which end of the link you are controlling (you say it's the
server, so you probably want the -d w.x.y.z).

Also, if you are doing NAT, be aware that you can only support one PPTP
connection at a time unless you use the PPTP-NAT conntrack helper module from
patch-o-matic.

Regards,

Antony.

--
In Heaven, the police are British, the chefs are Italian, the beer is Belgian,
the mechanics are German, the lovers are French, the entertainment is
American, and everything is organised by the Swiss.

In Hell, the police are German, the chefs are British, the beer is American,
the mechanics are French, the lovers are Swiss, the entertainment is Belgian,
and everything is organised by the Italians.

Please reply to the list; please don't CC me.
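The reply above, worked through as an added example that is not part of the original message: a dry-run script that prints the two FORWARD rules for the server end (-d only) and falls back to protocol number 47 when the protocols file has no gre entry. The function names, the address 192.168.1.10, the interface eth0 and the optional DNAT rules are assumptions made for illustration; the DNAT rules assume the PPTP server sits behind the NAT box.

```shell
#!/bin/sh
# Added example: prints iptables rules instead of applying them, so it can
# be reviewed first. Addresses and interface names are constructed.

# Print "gre" if the given protocols file defines gre as protocol 47,
# otherwise print the number 47 (the substitution the reply describes).
# $1 = protocols file (optional, defaults to /etc/protocols)
gre_proto() {
    protocols_file="${1:-/etc/protocols}"
    if awk 'tolower($1) == "gre" && $2 == 47 { found = 1 }
            END { exit !found }' "$protocols_file" 2>/dev/null; then
        echo gre
    else
        echo 47
    fi
}

# Print the rules for the server end of the link (only -d is used).
# $1 = PPTP server address
# $2 = external interface (optional; assumption: adds DNAT rules for a
#      server behind the NAT box, which the original reply does not show)
# $3 = protocols file (optional)
pptp_forward_rules() {
    server="$1"
    ext_if="$2"
    proto=$(gre_proto "$3")

    # PPTP data channel: GRE, IP protocol 47.
    echo "iptables -A FORWARD -p $proto -d $server -j ACCEPT"
    # PPTP control channel: TCP port 1723.
    echo "iptables -A FORWARD -p tcp --dport 1723 -d $server -j ACCEPT"

    if [ -n "$ext_if" ]; then
        echo "iptables -t nat -A PREROUTING -i $ext_if -p tcp --dport 1723 -j DNAT --to-destination $server"
        echo "iptables -t nat -A PREROUTING -i $ext_if -p $proto -j DNAT --to-destination $server"
    fi
}

# Demo with constructed values: server 192.168.1.10 behind eth0.
pptp_forward_rules 192.168.1.10 eth0
```

Pipe the output to `sh` as root only after checking the printed rules against your own addresses and chain policy.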