Here is the masq file:
#INTERFACE SUBNET ADDRESS PROTO PORT(S) IPSEC
eth0 eth1
Tom Eastep <[EMAIL PROTECTED]> 說:
Wilson Kwok wrote:
> Hello,
>
> Please see the following picture:
>
> http://www.wilson-kwok.com/pptp.jpg
>
> I used one to one NAT from 210.0.0.1 to 192.168.0.2 for web server,
> and then use port forwarding from 210.0.0.1 to 192.168.0.3 for pptp server,
> but I cannot connect from my home to pptp server.
>
> Here is the nat file:
>
> 210.0.0.1 eth0:2 192.168.0.2
>
> Here is the rules file:
>
> HTTP/ACCEPT net loc:192.168.0.2
> DNAT net loc:192.168.0.3 tcp 1723 - 210.0.0.1
> DNAT net loc:192.168.0.3 47 - - 210.0.0.1
>
What SNAT/MASQ entry governs traffic from 192.168.0.3 to the internet? If
the PPTP server sends a GRE packet before it receives one, that rule will
determine the source address of the packet.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
---------------------------------
現在你可輕易阻擋垃圾郵件,立即使用Yahoo! Mail 你就會相信!-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
