Re: PPTP with NATed clients - Anyone that got it working?

From:	Jonas Claesson <jonas dot claesson at home dot se>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: PPTP with NATed clients - Anyone that got it working?
Date:	Thu, 07 Jul 2005 08:32:32 +0200

sylikc wrote:
> Jonas,
> 
> On 7/6/05, Jonas Claesson <jonas dot claesson at home dot se> wrote:
> 
>>Struggeling with the PPTP server in Monowall.
>>
>>Using 1.2b9 and the PPTP server works like a charm with clients that has
>>a public IP. With NATed clients it fails at authentication. Nothing in
>>the logs that helps me.
> 
> 
> Well, in a NATed environment, do you have control of your NAT box? 
> Other than the outgoing connection on TCP/1723 for PPTP, your NAT must
> also permit GRE (protocol 47) routing.  Either have "Enable VPN
> Routing" for the simple soho routers or enable GRE for in/out traffic.
> 
> Note it's PROTOCOL 47, not tcp or udp port.  If your NAT box doesn't
> pass that traffic, I've noticed symptoms that make it seem you've
> connected successfully to your m0n0 PPTP server, but no traffic gets
> passed, and nothing shows up in the logs.
> 
> 
> 
>>Can anyone that has a working monowall with NATed clients please explain
>>what firmware they are using and if there are anything special needed
>>for this to work.
> 
> 
> I've gotten this to work behind a NAT of a NAT and such, some double
> NATed network.  Nothing special needed except for the firewall rules
> on the NAT box.
> 
> 
> /sylikc

The NATed clients can connect to other PPTP servers so I'm guessing the 
issue isn't on the client side.
Are you using the latest 1.2b9 firmware?