You have to create a rule to allow the GRE tunnel back to your customer from the VPN Server IP. Are you forwarding ALL public IP traffic to his private IP?
I believe it is Protocol 47 or something like that. You also need to allow certain UDP ports through but I don't remember off the top of my head. Do a quick google on "iptables IPSec NAT" and you should find what you need.

Eric

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of rabbtux rabbtux
Sent: Monday, January 15, 2007 2:45 PM
To: WISPA General List
Subject: [WISPA] IPsec/UDP and my border NAT gateway

Anyone have suggestions on what I need to do to allow my customer to do this type of VPN? I currently have customers behind my linux/iptables firewall that masquerades them out a single IP. This is the first customer who is having problems. Do I need a special rule to accommodate them?? The customer is using CenterBeam VPN services, and they tell him that, "your isp is blocking VPN pass thru". I'm not blocking anything.

help!

Thank you kindly,
marshall

--
WISPA Wireless List: wireless@wispa.org
Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless
Archives: http://lists.wispa.org/pipermail/wireless/
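
An added example, not part of either message in this thread: a POSIX shell function that prints, without applying, the FORWARD-chain rules a masquerading iptables gateway typically needs for IPsec and GRE pass-through. The interface names, the client and VPN server addresses, and the function names are assumptions; UDP 500 and 4500 and IP protocol 50 are the standard IKE, NAT-T and ESP values, not values given in the thread.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules for VPN pass-through
# on a masquerading gateway. All names and addresses below are assumptions.

# True only for a dotted-quad IPv4 address with each octet in 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# True only for a plausible Linux interface name (max 15 characters).
is_ifname() {
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# Usage: vpn_passthrough_rules LAN_IF WAN_IF CLIENT_IP VPN_SERVER_IP
# Arguments are validated so the output is safe to review and pipe to sh.
vpn_passthrough_rules() {
    is_ifname "$1" && is_ifname "$2" || { echo "bad interface name" >&2; return 2; }
    is_ipv4 "$3" && is_ipv4 "$4" || { echo "bad IPv4 address" >&2; return 2; }
    fwd="iptables -A FORWARD -i $1 -o $2 -s $3 -d $4"
    echo "$fwd -p udp --dport 500 -j ACCEPT   # IKE key exchange"
    echo "$fwd -p udp --dport 4500 -j ACCEPT  # IPsec NAT-T (ESP inside UDP)"
    echo "$fwd -p 50 -j ACCEPT                # ESP, when NAT-T is not used"
    echo "$fwd -p 47 -j ACCEPT                # GRE, the protocol named in the reply"
    # Replies from the VPN server are matched by connection tracking.
    echo "iptables -A FORWARD -i $2 -o $1 -s $4 -d $3" \
         "-m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Constructed sample: LAN eth1, WAN eth0, documentation-range addresses.
vpn_passthrough_rules eth1 eth0 192.168.1.50 203.0.113.10
```

The rules use `-A`, so on a gateway whose FORWARD chain already contains a DROP or REJECT rule they would need to be inserted above it with `-I` instead.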