pptp_conntrack_nat and kernel 2.6.15

Sorry for the introduction to my problem, but I felt it relevant in what I am 
trying to do.

I have set up a gateway with IP and VPN / PPTP masquerading using a 2.6 kernel 
(FC3). I am also using the following as a base:

	http://www.e-infomax.com/ipmasq/howto/c-html/firewall-examples.html#RC.FIREWALL-2.4.X

However, only one client at a time from within the LAN can connect to a
remote PPTP server. 

Based on Section 2.7 of this URL:

        http://www.tldp.org/HOWTO/VPN-Masquerade-HOWTO-2.html

... one should ensure that "PPTP Call ID masquerade" is enabled on the
kernel to allow multiple clients to connect to a remote PPTP server. 

However, according to this:

        http://www.tldp.org/HOWTO/VPN-Masquerade-HOWTO-3.html

The kernel option CONFIG_IP_MASQUERADE_PPTP_MULTICLIENT is only for 2.0
kernels, and with 2.2 kernels, it seemed to have been replaced with
CONFIG_IP_MASQUERADE_PPTP:

CONFIG_IP_MASQUERADE_PPTP
    - Enables PPTP data channel masquerading, if you are
      masquerading a PPTP client or server. This is now
      available as a module.
      Note that you no longer need to specify Call-ID masquerade.

Now for 2.6 kernels, it seems that one has to use the pptp_conntrack_nat 
patch-o-matic. However, based on this posting to this mailing list:

	http://lists.netfilter.org/pipermail/netfilter/2005-October/063045.html

.... that the pptp_conntrack_nat patch has been accepted to the mainline 
kernel. So I downloaded the 2.6 kernel and also checked the changelog. Looks 
like I need to enable IP_NF_PPTP and IP_NF_NAT_PPTP.


So am I right to assume that:

1) The patch-o-matic for pptp_conntrack_nat is no longer needed if one uses 
2.6.15 kernels?

2) A Linux gateway with 2.6.15 kernel and IP and VPN masquerading and with the 
above modules loaded will finally allow multiple clients within the LAN to 
connect to a remote PPTP server??

Thanks.

John



