Jeff,

Thanks again for the reply. I had no trouble getting IPSec working 
(m0n0-to-m0n0) - it's reliable and doesn't cause me any trouble.

I'm only NATing 4 services and none of them involve port 47 or 1723. I 
did try NATing 1723 to my PPTP server address - it made no difference so 
I removed the NAT rule again. I'm using the internal m0n0 PPTP server 
without RADIUS auth by the way.

My LAN itself doesn't have many boxes on - two Linux servers, a Win2k 
Pro machine and a WinXP Pro machine so it's not like there's a lot that 
could be going wrong there.

FWIW - what platform are you running on Jeff? Is there anyone else 
running PPTP on generic-pc?

Thanks,

Chris

Jeff Buehler wrote:
> Hi Chris -
> 
> In this configuration we have three separate LANS connected via IPSEC 
> VPN's as well as the PPTP connections from outside those.  We are using 
> DHCP and DNS forwarding as well.  We are not using Traffic Shaping, 
> Captive Portal, SNMP, or Syslog.
> 
> Your IPSEC works, but PPTP doesn't?  IPSEC is usually more a pain than 
> PPTP to get working.
> 
> Hmmm.  Make certain that you aren't routing or NAT'ing the PPTP ports 
> (GRE and TCP/IP on port 47 and port 1723 as I recall) to some other now 
> unnecessary PPTP device (like a Windows Server) on the WAN, which might 
> interfere with the PPTP.
> 
> I can't think of anything else right now - sorry!
> 
> Jeff