[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  Chris Van Vorous <m0unds at speakeasy dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Using m0n0wall as a remote PPTP/VPN server
 Date:  Fri, 3 Jun 2005 11:17:18 -0400
On 6/3/05, Chris Van Vorous <m0unds at speakeasy dot net> wrote:
>  Hi everyone, this is my first post.
>  
>  I've read through lots of questions regarding PPTP/VPN functionality
> withing m0n0wall, but I couldn't really find a concrete answer to my
> particular problem. 
>         1. Remote connections to my external IP, requesting a PPTP session
> fail with Microsoft Windows error 619
>         2. Connections on the LAN work just fine (so do connections from my
> wlan)
>      
>  I've setup a NAT Forwarding rule to take traffic to TCP port 1723 (PPTP)
> and send it to one interface address of the m0n0wall (192.168.1.5 in this
> instance). I set up a matching firewall rule to permit traffic across that
> NAT link. After seeing my firewall log (as I have pasted), I also tried to
> forward GRE traffic to see if it would matter. I've also run a full-on
> forward firewall rule: WAN, any port, any protocol, etc with no result.
>  

If m0n0wall isn't behind another firewall, you don't need any NAT
entries or firewall rules.  All that gets added automatically.  I'd
suspect this NAT entry is breaking things by sending the TCP traffic
to a different interface than the GRE traffic.  Remove all the NAT and
firewall rule stuff and it should just work.

-Chris