RH7.3 works out of the box with iptables for a single internal PPTP client to an external server (MS jargon). But probably not well for multiple simultaneous connections.
But it is still not clear which protocol is required or which direction is initiating the connection from the original poster. I guess masq implies connections initiated internally. If you are using PPTP and you are actually paranoid then you will be dropping forwarded connections by default and need to accept on your forwarded outgoing chain

... -p tcp -d $PPTP_SERVER --dport 1723 -j ACCEPT
... -p 47 -d $PPTP_SERVER -j ACCEPT

But IPSEC will be something different.

Cameron.

> -----Original Message-----
> From: Rigler, S C (Steve) [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, 28 November 2002 05:08
> To: [EMAIL PROTECTED]
> Subject: RE: VPN masq
>
>
> That's correct. Basically, it looks like:
>
> VPN Client --> (eth0) RH Machine (eth1) --> Internet -->
> Extranet Switch
>
> I didn't put anything special into my rules to enable this.
> Aside from the rules I have setup for paranoia, misc
> port-forwarding, and other traffic, I believe the affecting rules are:
>
> -A POSTROUTING -o eth1 -j MASQUERADE
> -A FORWARD -s 192.168.10.0/24 -o eth1 -j ACCEPT
>
> -Steve
>
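
An added example, not part of the thread: a Python check over iptables-save style text for the two outgoing PPTP legs named in the reply above (tcp port 1723 and IP protocol 47) when the FORWARD chain drops by default. The sample ruleset, the function names and 203.0.113.10 (standing in for $PPTP_SERVER) are constructed; rule order and source or interface matches are not modelled.

```python
import ipaddress
import shlex

# Constructed iptables-save style input; 203.0.113.10 stands in for $PPTP_SERVER.
SAMPLE = """\
*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -s 192.168.10.0/24 -d 203.0.113.10 -p tcp --dport 1723 -j ACCEPT
COMMIT
"""

def parse_rule(line):
    """Map one '-A FORWARD ...' line to {option: value}; bare flags map to True."""
    tokens = shlex.split(line)[2:]
    rule, i = {}, 0
    while i < len(tokens):
        has_value = i + 1 < len(tokens) and not tokens[i + 1].startswith("-")
        rule[tokens[i]] = tokens[i + 1] if has_value else True
        i += 2 if has_value else 1
    return rule

def rule_accepts(rule, server, protos, dport=None):
    """True if an ACCEPT rule can match a new flow to server for this protocol/port."""
    if rule.get("-j") != "ACCEPT" or "!" in rule:
        return False  # negated matches are not modelled, so they never count
    state = rule.get("--state") or rule.get("--ctstate")
    if state and "NEW" not in state.split(","):
        return False  # ESTABLISHED,RELATED alone never admits the first packet
    dst = rule.get("-d")
    if dst and ipaddress.ip_address(server) not in ipaddress.ip_network(dst, strict=False):
        return False
    # A rule without -p (or without --dport) matches every protocol (or port).
    return rule.get("-p", protos[0]) in protos and (
        dport is None or rule.get("--dport", dport) == dport)

def pptp_forward_gaps(ruleset, server):
    """List the outgoing PPTP legs that a default-drop FORWARD chain would block."""
    policy, rules = "ACCEPT", []
    for line in ruleset.splitlines():
        if line.startswith(":FORWARD "):
            policy = line.split()[1]
        elif line.startswith("-A FORWARD "):
            rules.append(parse_rule(line))
    if policy == "ACCEPT":
        return []  # nothing is dropped by default, so no explicit accept is needed
    legs = {"tcp/1723 control": (("tcp", "6"), "1723"),
            "GRE (protocol 47) tunnel": (("47", "gre"), None)}
    return [name for name, (protos, dport) in legs.items()
            if not any(rule_accepts(r, server, protos, dport) for r in rules)]
```

On the constructed sample, `pptp_forward_gaps(SAMPLE, "203.0.113.10")` reports the GRE leg as missing, because only the tcp/1723 control connection has an accept rule.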