Hi Miguel, the pptp needs the gre (47) protocol natted. I had this problem with a pptp-server behind the firewall, but I'm not sure if this fits to a client behind the firewll.
Try this: rules: DNAT wan lan:$client:1723 tcp 1723 DNAT wan lan:$client 47 masq: $EXTIF $client This line MUST be before any other masq rules. Hope this helps! Alex On Fri, 05 Sep 2008 13:57:45 +0200, "Miguel A. Velasco" <[EMAIL PROTECTED]> wrote: > Hi all, I´m running a server that frecuently needs to open a pptp > session with a remote server outside my Company. This server is running > behind a Shorewall firewall and I don´t find information in Shorewall > web page because there is no information in the link > http://www.shorewall.net/PPTP.htm#ClientsBehind > > Nowadays I can connect this server with the remote one but te session is > closed after 1 minute. > In the /etc/shorewall/rules I have: > > #Conexion Remota (IPSEC) de Ecinsa > ACCEPT loc:$IP_SERVER net udp 1723 > ACCEPT loc:$IP_SERVER net tcp 1723 > ACCEPT net loc:$IP_GALILEO udp 1723 > ACCEPT net loc:$IP_GALILEO tcp 1723 > > And IP_SERVER is defined in /etc/shorewall/params. > As I´ve said it just connect for 1 minute more or less ... > > I would be very greatfull to anyone could help me. > Thanks very much for your attention. > > Miguel Velasco > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the > world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
