Wilson Kwok wrote: > Hello, > > Please see the following picture: > > http://www.wilson-kwok.com/pptp.jpg > > I used one to one NAT from 210.0.0.1 to 192.168.0.2 for web server, > and then use port forwarding from 210.0.0.1 to 192.168.0.3 for pptp server, > but I cannot connect from my home to pptp server. > > Here is the nat file: > > 210.0.0.1 eth0:2 192.168.0.2 > > Here is the rules file: > > HTTP/ACCEPT net loc:192.168.0.2 > DNAT net loc:192.168.0.3 tcp 1723 - 210.0.0.1 > DNAT net loc:192.168.0.3 47 - - 210.0.0.1 >
What SNAT/MASQ entry governs traffic from 192.168.0.3 to the internet? If the PPTP server sends a GRE packet before it receives one, that rule will determine the source address of the packet. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
